urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.244.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.maqors.com/cgi-bin/click.pl?cid=nl010556202206&lid=224961&uid=202812725
Effective URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Submission: On May 01 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 13 countries across 92 domains to perform 624 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 157809.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.225.147.131 14618 (AMAZON-AES)
1 184.72.244.154 14618 (AMAZON-AES)
21 8.250.188.124 3356 (LEVEL3)
23 8.249.23.252 3356 (LEVEL3)
3 2a00:1450:400... 15169 (GOOGLE)
57 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 52.19.198.230 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 3 18.215.121.182 14618 (AMAZON-AES)
29 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
26 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
54 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2600:9000:249... 16509 (AMAZON-02)
2 11 2a00:1450:400... 15169 (GOOGLE)
6 52.59.8.244 16509 (AMAZON-02)
24 35.171.240.250 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
13 22 142.250.185.98 15169 (GOOGLE)
3 14 104.102.29.65 20940 (AKAMAI-ASN1)
4 12 37.252.173.38 29990 (ASN-APPNEX)
2 34.98.64.218 15169 (GOOGLE)
2 104.90.104.248 16625 (AKAMAI-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
3 4 18.194.227.226 16509 (AMAZON-02)
5 7 3.126.56.137 16509 (AMAZON-02)
2 185.86.139.106 201081 (SMARTADSE...)
22 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
34 92.123.225.41 20940 (AKAMAI-ASN1)
4 142.250.186.98 15169 (GOOGLE)
2 3.232.80.154 14618 (AMAZON-AES)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3.69.141.3 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
10 2.20.85.164 16625 (AKAMAI-AS)
4 108.138.3.177 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 198.47.127.19 3257 (GTT-BACKB...)
12 52.28.203.152 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 10 51.89.9.253 16276 (OVH)
5 104.92.100.195 16625 (AKAMAI-AS)
1 18.194.39.232 16509 (AMAZON-02)
3 7 209.54.176.128 16509 (AMAZON-02)
6 3.33.220.150 16509 (AMAZON-02)
2 3 37.252.172.123 29990 (ASN-APPNEX)
2 2 51.178.20.139 16276 (OVH)
2 52.19.107.252 16509 (AMAZON-02)
2 3 23.75.246.168 16625 (AKAMAI-AS)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 23.205.241.117 16625 (AKAMAI-AS)
6 44.231.203.220 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.205.239.15 16625 (AKAMAI-AS)
1 2a02:26f0:de:... 20940 (AKAMAI-ASN1)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
1 78.46.85.162 24940 (HETZNER-AS)
1 46.4.62.19 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
3 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
1 18.66.97.25 16509 (AMAZON-02)
1 54.243.78.84 14618 (AMAZON-AES)
1 72.251.249.14 29791 (VOXEL-DOT...)
8 52.57.69.5 16509 (AMAZON-02)
4 185.94.180.123 35220 (SPOTX-AMS)
2 54.72.0.164 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
4 4 216.200.232.249 30419 (MEDIAMATH...)
3 3 151.101.130.49 54113 (FASTLY)
2 2 50.31.142.63 22075 (AS-OUTBRAIN)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 66.155.71.150 13768 (COGECO-PEER1)
12 142.250.185.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.251.36.70 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.108 54113 (FASTLY)
3 6 76.223.111.18 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
3 4 37.157.2.236 198622 (ADFORM)
1 69.173.144.139 26667 (RUBICONPR...)
1 185.86.139.94 201081 (SMARTADSE...)
1 35.244.174.68 15169 (GOOGLE)
1 198.47.127.18 3257 (GTT-BACKB...)
5 6 18.193.145.56 16509 (AMAZON-02)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
11 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
6 104.36.113.107 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 34.237.23.137 14618 (AMAZON-AES)
1 72.251.241.196 29791 (VOXEL-DOT...)
2 4 54.154.135.58 16509 (AMAZON-02)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 23.88.75.187 24940 (HETZNER-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.139 16276 (OVH)
2 2 141.94.170.64 16276 (OVH)
2 2 52.213.127.205 16509 (AMAZON-02)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
2 204.237.133.121 3257 (GTT-BACKB...)
2 2 51.210.112.63 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 3 169.50.137.182 36351 (SOFTLAYER)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 1 51.75.146.160 16276 (OVH)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
1 192.132.33.46 18568 (BIDTELLECT)
1 198.47.127.20 62713 (AS-PUBMATIC)
624 108
1    54.225.147.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-147-131.compute-1.amazonaws.com
www.maqors.com
1    184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
21    8.250.188.124 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
23    8.249.23.252 (United States)

ASN3356 (LEVEL3, US)
i.123g.us
3    2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
57    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    52.19.198.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
s.cccobh.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    18.215.121.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-121-182.compute-1.amazonaws.com
trkn.us
29    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
web.facebook.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
26    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
pubads.g.doubleclick.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
54    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
5    2a02:26f0:3500:c::5c7b:6843 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.selectmedia.asia
player.selectmedia.asia
6    2600:9000:2490:3200:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
11    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    52.59.8.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
24    35.171.240.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-240-250.compute-1.amazonaws.com
track1.aniview.com
2    2600:9000:223f:bc00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
22    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
14    104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
12    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    18.194.227.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-227-226.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
22    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2600:9000:223e:6000:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
34    92.123.225.41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-41.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    3.232.80.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-80-154.compute-1.amazonaws.com
go1.aniview.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    3.69.141.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-141-3.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
15    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
imasdk.googleapis.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    2.20.85.164 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
12    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
10    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    18.194.39.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-39-232.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
2    52.19.107.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-107-252.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
3    23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
6    44.231.203.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-203-220.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com
www.aaxdetect.com
1    2a02:26f0:de:38b::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.blau.de
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
3    2a02:26f0:b600:188::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-25.fra56.r.cloudfront.net
analytics.webgains.io
1    54.243.78.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-78-84.compute-1.amazonaws.com
sync.aniview.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
8    52.57.69.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
4    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
api.webgains.io
3    2a05:d018:d29:3605:c9e0:96ce:8ce5:2ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    50.31.142.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
12    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:4c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5e6nzs.googlevideo.com
1    2a00:1450:4001:f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5edn6y.googlevideo.com
1    142.251.36.70 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:400c:c1b::8a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
6    18.193.145.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-145-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
6    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    54.154.135.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-135-58.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
2    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    213.19.147.45 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    204.237.133.121 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
ws.rqtrk.eu
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
118 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
ade.googlesyndication.com — Cisco Umbrella Rank: 259
1 MB
79 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 165
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 275
pubads.g.doubleclick.net — Cisco Umbrella Rank: 486
ad.doubleclick.net — Cisco Umbrella Rank: 182
345 KB
44 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 993
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1633
lm.serving-sys.com — Cisco Umbrella Rank: 1700
543 KB
44 123g.us
c.123g.us — Cisco Umbrella Rank: 326102
i.123g.us — Cisco Umbrella Rank: 146367
768 KB
31 aniview.com
track1.aniview.com — Cisco Umbrella Rank: 2037
go1.aniview.com — Cisco Umbrella Rank: 5060
play.aniview.com — Cisco Umbrella Rank: 14041
player.aniview.com — Cisco Umbrella Rank: 2089
sync.aniview.com — Cisco Umbrella Rank: 2487
228 KB
26 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com — Cisco Umbrella Rank: 557
hbopenbid.pubmatic.com Failed
image8.pubmatic.com — Cisco Umbrella Rank: 576
simage2.pubmatic.com — Cisco Umbrella Rank: 592
image2.pubmatic.com — Cisco Umbrella Rank: 817
image4.pubmatic.com — Cisco Umbrella Rank: 798
simage4.pubmatic.com — Cisco Umbrella Rank: 1122
39 KB
23 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 510
htlb.casalemedia.com — Cisco Umbrella Rank: 436
dsum.casalemedia.com — Cisco Umbrella Rank: 1218
25 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 248
1 MB
22 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 972
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 393
5 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 63
www.google.com — Cisco Umbrella Rank: 5
2 KB
18 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 19565
static.avantisvideo.com — Cisco Umbrella Rank: 19957
cdn1.avantisvideo.com — Cisco Umbrella Rank: 22617
avm.avantisvideo.com — Cisco Umbrella Rank: 20138
events1.avantisvideo.com — Cisco Umbrella Rank: 18556
148 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
secure.adnxs.com — Cisco Umbrella Rank: 374
acdn.adnxs.com — Cisco Umbrella Rank: 561
32 KB
16 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
ajax.googleapis.com — Cisco Umbrella Rank: 278
imasdk.googleapis.com — Cisco Umbrella Rank: 384
2 MB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2509
ad4m.at — Cisco Umbrella Rank: 2081
assets.ad4m.at — Cisco Umbrella Rank: 35666
284 KB
14 cccobh.com
s.cccobh.com — Cisco Umbrella Rank: 415005
54 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
45 KB
10 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2419
pixel.rubiconproject.com — Cisco Umbrella Rank: 320
4 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 747
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
222 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
356 KB
8 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 505
search.spotxchange.com — Cisco Umbrella Rank: 413
7 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 527
eb2.3lift.com — Cisco Umbrella Rank: 342
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 327
2 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 685
6 KB
6 gstatic.com
www.gstatic.com
csi.gstatic.com
14 KB
5 selectmedia.asia
tg1.selectmedia.asia — Cisco Umbrella Rank: 28831
player.selectmedia.asia — Cisco Umbrella Rank: 31266
243 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 14772
pixel.onaudience.com — Cisco Umbrella Rank: 2933
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 437
2 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2473
c1.adform.net — Cisco Umbrella Rank: 553
2 KB
4 youtube.com
s.youtube.com — Cisco Umbrella Rank: 710
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 401
2 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 391
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 754
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 532
841 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 20273
api.webgains.io — Cisco Umbrella Rank: 53722
51 KB
3 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4102
l3.aaxads.com — Cisco Umbrella Rank: 5003
143 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 901
1 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1835
casale-match.dotomi.com — Cisco Umbrella Rank: 2683
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2801
691 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 591
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2383
401 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8752
1 KB
3 facebook.com
web.facebook.com — Cisco Umbrella Rank: 243
www.facebook.com — Cisco Umbrella Rank: 103
771 B
3 trkn.us
trkn.us — Cisco Umbrella Rank: 2253
3 KB
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
14 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 725
943 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 394
945 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23708
2 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 628
match.taboola.com — Cisco Umbrella Rank: 2018
530 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 496
741 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 596
874 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 767
s.tribalfusion.com — Cisco Umbrella Rank: 2301
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5132
637 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1808
1 KB
2 googlevideo.com
rr3---sn-4g5e6nzs.googlevideo.com — Cisco Umbrella Rank: 88398
rr3---sn-4g5edn6y.googlevideo.com — Cisco Umbrella Rank: 66941
2 MB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 568
382 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 566
618 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41475
87 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 58533
766 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 58991
570 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1155
850 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 114535
static-de.ad4mat.net — Cisco Umbrella Rank: 160530
4 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 910
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
366 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 744
701 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 133
83 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 777
380 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1369
307 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1824
366 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3440
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2355
534 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 1839
516 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16716
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4723
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 4859
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 787
217 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1364
408 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 764
621 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1421
501 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 716
363 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
594 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 409
710 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 536
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 687
779 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 543
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 71791
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 69242
2 KB
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 6767
323 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 55
38 KB
1 123greetings.com
www.123greetings.com — Cisco Umbrella Rank: 157809
9 KB
1 maqors.com
www.maqors.com
315 B
624 92
Domain Requested by
57 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
srcdoc
44 tpc.googlesyndication.com googleads.g.doubleclick.net
www.123greetings.com
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
imasdk.googleapis.com
34 secure-ds.serving-sys.com bs.serving-sys.com
secure-ds.serving-sys.com
www.123greetings.com
27 googleads.g.doubleclick.net pagead2.googlesyndication.com
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
www.123greetings.com
googleads.g.doubleclick.net
24 track1.aniview.com www.123greetings.com
player.selectmedia.asia
player.aniview.com
23 i.123g.us www.123greetings.com
22 s0.2mdn.net www.123greetings.com
s0.2mdn.net
imasdk.googleapis.com
22 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
onetag-sys.com
eb2.3lift.com
21 c.123g.us www.123greetings.com
c.123g.us
14 imasdk.googleapis.com player.aniview.com
player.selectmedia.asia
imasdk.googleapis.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 s.cccobh.com c.123g.us
s.cccobh.com
13 pubads.g.doubleclick.net imasdk.googleapis.com
12 ade.googlesyndication.com
12 c2shb.pubgw.yahoo.com player.selectmedia.asia
player.aniview.com
12 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
player.selectmedia.asia
player.aniview.com
acdn.adnxs.com
11 simage2.pubmatic.com ads.pubmatic.com
11 www.google.com 2 redirects www.123greetings.com
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
10 onetag-sys.com 2 redirects player.selectmedia.asia
onetag-sys.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 www.googletagservices.com c.123g.us
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
8 prebid-server.rubiconproject.com player.aniview.com
8 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
7 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
onetag-sys.com
eb2.3lift.com
7 ups.analytics.yahoo.com 5 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 image2.pubmatic.com ads.pubmatic.com
6 x.bidswitch.net 5 redirects eb2.3lift.com
6 eb2.3lift.com 3 redirects player.selectmedia.asia
eb2.3lift.com
6 assets.ad4m.at as.ad4m.at
6 events1.avantisvideo.com www.123greetings.com
6 match.adsrvr.org ssum-sec.casalemedia.com
player.selectmedia.asia
onetag-sys.com
eb2.3lift.com
ads.pubmatic.com
6 js-sec.indexww.com player.selectmedia.asia
ssum-sec.casalemedia.com
player.aniview.com
6 bs.serving-sys.com 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
secure-ds.serving-sys.com
5 htlb.casalemedia.com player.selectmedia.asia
player.aniview.com
5 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 match.prod.bidr.io 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 s.youtube.com
4 sync.mathtag.com 4 redirects
4 search.spotxchange.com player.aniview.com
4 c.amazon-adsystem.com player.selectmedia.asia
c.amazon-adsystem.com
4 ad4m.at as.ad4m.at
ad4m.at
4 lm.serving-sys.com secure-ds.serving-sys.com
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 googleads4.g.doubleclick.net www.123greetings.com
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 pixel.advertising.com 3 redirects onetag-sys.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 player.selectmedia.asia tg1.selectmedia.asia
player.selectmedia.asia
4 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
3 um.simpli.fi 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 csi.gstatic.com imasdk.googleapis.com
3 sync-tm.everesttech.net 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
3 player.aniview.com cdn.avantisvideo.com
player.aniview.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
3 ads.pubmatic.com player.selectmedia.asia
ads.pubmatic.com
3 www.gstatic.com googleads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
3 trkn.us 1 redirects www.123greetings.com
3 i.ytimg.com www.123greetings.com
2 ad.turn.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 dmp.adform.net 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 c.aaxads.com www.123greetings.com
2 dpm.demdex.net ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 go1.aniview.com player.selectmedia.asia
player.aniview.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 static.avantisvideo.com cdn.avantisvideo.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 web.facebook.com 2 redirects
2 connect.facebook.net www.123greetings.com
connect.facebook.net
1 simage4.pubmatic.com ads.pubmatic.com
1 bttrack.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 image8.pubmatic.com onetag-sys.com
1 id.rlcdn.com onetag-sys.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 pixel.rubiconproject.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 acdn.adnxs.com player.selectmedia.asia
1 ad.doubleclick.net
1 rr3---sn-4g5edn6y.googlevideo.com
1 rr3---sn-4g5e6nzs.googlevideo.com 1 redirects
1 p.rfihub.com 1 redirects
1 ap.lijit.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 analytics.webgains.io track.webgains.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 play.aniview.com cdn.avantisvideo.com
1 l3.aaxads.com www.123greetings.com
1 www.aaxdetect.com www.123greetings.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 tlx.3lift.com player.selectmedia.asia
1 web.hb.ad.cpe.dotomi.com player.selectmedia.asia
1 static-de.ad4mat.net as.ad4m.at
1 ajax.googleapis.com s0.2mdn.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 tg1.selectmedia.asia securepubads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com connect.facebook.net
1 www.googletagmanager.com www.123greetings.com
1 www.123greetings.com
1 www.maqors.com 1 redirects
0 hbopenbid.pubmatic.com Failed player.selectmedia.asia
624 150
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2022-03-01 -
2023-04-02		 a year crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2021-08-11 -
2022-09-12		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
cccobh.com
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-07 -
2022-05-08		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2022-01-19 -
2023-02-20		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
wl.aniview.com
R3		 2022-04-04 -
2022-07-03		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.aniview.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-04-19 -
2022-07-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-21 -
2022-06-15		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh

This page contains 94 frames:

Primary Page: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Frame ID: 0587561F76E1F8CFF676A7EE74AFBD6A
Requests: 172 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42
Frame ID: D262A701AC23A04AFF9380D3A15A0D1C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: A778AA404D28B35E3C4498CAA9CBB734
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dec86d9f1acbc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff345dc12999fb94%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Frame ID: AD09412694001AFAE2C1BE48FD899910
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1651376217&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379259469&bpp=2&bdt=1900&idt=82&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5072026763038&frm=20&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379260&ga_hid=2116933866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1233110370848255&pem=846&tmod=737062077&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: CE294B762971B3B39996E00AE9598B99
Requests: 1 HTTP requests in this frame

Frame: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A59128EE295EB3B00A8879B180BAE6BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A32CA876ED251DE971B1FD3B57ED4CB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 9182E92AE811E23FB00BB4BB5F5B0193
Requests: 6 HTTP requests in this frame

Frame: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F6BD44C1EEDA53ED41DEAB511A04BCC
Requests: 17 HTTP requests in this frame

Frame: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6EE9E24B5D51CCDC7765D3F396ACCF5B
Requests: 19 HTTP requests in this frame

Frame: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FE6BEAD6E12F0DC30261AB49CD5E43FC
Requests: 19 HTTP requests in this frame

Frame: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88349F7609E34FD1430C5B073EA30FD0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 10F385C03F2CF88ABEA332B8BC8523AE
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 18186513D6FA52CE27DF9339508D6207
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPCgJ6EVtElTGx9HFK_dZYEZZAnjyFzf54S6salDCGQCYeXp7U3PBrbKGwtJZMQGK7hQFYOcVsP-qExZ8QFZcFv8acafqea27OAWh0acsL3MLCgYWb6UaqcXcmTTQ77tooXKBgTSWXEB8TeJ9x_6Jmn4c82vdGI0lArLtc_E49eaPuKeuPN4No0dGJgFjhjwDYwE1rEhvuAzVdG8Oo0oLRw34X-Dq5vroAlBo1wMyTYKXUlso0q9rXBfBEjuY8T5P6tJe4eCkPTyn4ve6oRhhYgqcUOGwjYFFrMhJCGggMlvOcogD_RbtVz8Zw7QHip13NUbyQ3OH2bgrYH2oamfF-&sai=AMfl-YRk7tiVeBXi9rwGpmZsoM2xzbyToD4anyPwBq0oylMaXGBr_W5qfVkhS1fz8jIGlveVuYem2BC-5VQVF2Q1IxUReTvH1LAUyVjxpFTJzl9s0cqtD7Nj7T77J8LvXTGiEw&sig=Cg0ArKJSzIzv4pOd5QD7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FAC30307F85D320E2D15AEB7A989B15D
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup_KWVt7eP3q_PJUWaRKY3PeL9PR9JaSrI1Gi09A6hBMgq7PyO30yQzXrWwCUvWmkLgtNOG6OXEOZKjGTqqJD2lroVy0THk2mCBnDoGNLTKp21tGXOvOcg-2H2j9Nxel86JSlXAy6nHFHRY6cANkuMLDfvkwTTcfnwCEvJn9Z6UU1fmJihYWYUwD5R-rPbnrKEtK4dIhnYqhvlASKzZgTSEuihvQ3sWF-bpfKAAF79vDbNuMRcoS7V5q-7yeu4yaLVsRw_gE2MLZU9ijzLi3qZMYf6m7HD6HsJBbNxDxkl9U4bI8N828bDa_6bxr-VdeiG1S4qsxEhvK7FtOmzNdWE&sai=AMfl-YTRyEtOGAGbdYf5sjXXMUY46A-ADI7XbItxzfiOWL-rT1E1Jc3cS1Va2tRIBxLIFdMWRb2guQguSmUJP0MJWLM50FTLmSdsWiOANuvjWoYjceMcb7g7Z-H2bQnAB8w&sig=Cg0ArKJSzBuC8n9lbPN8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3017BEA7C0CEE2FF56D002ACC007F666
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUhx3VLNBEv-NYGk2pGGmyEBGZKsr2jr9G328mifnVM3qds07cGnGASa1-jGDMD_l67HwKRiR2zrRQQrHKv2GzKAr7nu_DGflNZfuAbnBlrPwhQkQGeziNH5w0Enw3eXnSX3CVvKQdQKCJC90_tmJ0-0yjWlJLokQJ50KGheQvDVliBK9pvVfcYnRR2jh9-pCbTmwlX44s9iYv6CZmEQZ5EKpH2vXiLuPjVRIVck_XAP7Fb7p3csxz4EoLKNiyH-dlT0oCOe2mcLqsxGgws9fKJEi_ih3BjB8Sn1tvuBXNZO6wn5Y5zFb-mkh9_fQN_c-5n02w9xf-ZH58n3LG3BkYqFjEDJpIOAtY&sai=AMfl-YTxvUUc7w7RaFDcsSSD6yOlsT-44B684OojSCqM1mVL4CYY7NT0hV0NkGHSN7AnDcNwh2JK0pODofsaM0_2RtoIJJvPAbIwFz0w_OcISlvpQ6b_NG7y-l8qhRM81H8&sig=Cg0ArKJSzN3go32XbxgaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9346FFB05432AA5D0D03D1D2EA335C97
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Frame ID: D924B41EADC06159EAE9A003DC56CDFC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Frame ID: 0A1861121904F5670026BBA95BED8C1E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Frame ID: ACA4F0A4C1E013699F4FB2099EF882BA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYkq-jyAEwAQ&v=APEucNX0Yqhq8tFu-tvL2__V_rJQFUaczDwLir4JP2Y_F-0rBcdI_5H8tuUYPXctmG4_Tq6oNwz--G3OPGU6Todsnt6teu9wQQzz6GCQ5ELe0zZsiNaF37X20ITkeO6lgr6wD1LImXyfUXWP6SSFal0FfRV7Ov8Di7WgR6IY7wC6drlokN-IHAo
Frame ID: C27B00E098F182040E10CA4B64D3D9A3
Requests: 4 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 9A503C298B2DC785292771D993BB4DD0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Frame ID: E1AC8D7468FE94E4F025E2C91E65600D
Requests: 8 HTTP requests in this frame

Frame: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Frame ID: 3FB55C984F82A4BAAD71E1883B8F4A9F
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
Frame ID: 44E52D0B4D13406F2BEFF6740D8C819A
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Frame ID: 8C7110E0CE689D8AB44D7ADAA8CF1F03
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7046F3E0C8AFEB84DA96DB4022DD026
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AAF035A5DA7D521D1402983B1E352105
Requests: 3 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 866023F9F286ED8C498A4109DE199B06
Requests: 14 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 57B697E23B6F9B605BC105B89C7AB2E5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8716D6F45085A899AC597AAEAC853481
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D827B5A232DBDA97A3D4BB925277E3FD
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 3B2D3D181FF3A21F6ECA753DF4E512CB
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D1%26key%3D
Frame ID: 7D363AFB1FB01B0066A76FF85702E87F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8202E872A50C773BC6C4BF42B661B6F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 6386EF332143241D7825107F2EF076E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: C6BB6A74CF5593DD2E9FA0E012280069
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0CD3C2296E99BCDAE7F0A5CB5C22B942
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7CEE73601EC24DC44FC0A049FF42823C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 702F9A12D7B40F41DD09F1B233C8A86D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F864D9A0C7AB969D2F662D8E22309471
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Frame ID: 218D3430AB0F1B9C53F8C4C392315E21
Requests: 14 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: B9FBA3D21EF958E8FD725D8AC78D6233
Requests: 8 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1651379261103-993207081315-006267-015-006377&biddername=55&key=1546037284600551829
Frame ID: 11C177FA70F009EBA88C126C7EAED82C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D18%26key%3D%24UID
Frame ID: 875D25CE20DBE9D3E2CB72B1FF528638
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 975CACA2E988E8209406E22FB0D82CBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 660E304861B3AA5C04F680859D483427
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D89C7D54BCD4F58E5314FD396A1A1EB5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4BCCCABFB2C3A770FC7AC261740470A3
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 51E1A1B12B51006FC2D8700C052796E2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 877A507A9E51107EDAA1832F828CE134
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 358D322270D71117A7B63AD4DE2F3D22
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 705EA2E709CE9DB92E4959D0A40EDF83
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: C6994A963BE1D198A317A88960B2902A
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BEDDAC876F6A2E3D79E99BDD3FF37A50
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6436DE0D4CB1BE02762F645180BAD0C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 96752FE74088068F8509D0CB81D2CE4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AC0BB94B4C5EF55DE373B32A2908CDFC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 16E0C36BBAFFECC797BA67135DC75308
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: EF990C72B85D75532B538AE7E8EA6C06
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: ABC185DFE9B7371A8D5C87F886EE9C03
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A76A13CC58A31730790AC0ED074EB81A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F02631F8386CB38D6B139C695FED9DFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 3767063435E39DA6443229AA9DB39947
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86A80B7A50E9265BC204CB9EE192E0B5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: 1C5A8A6BFF465337D5071CAAE1F43985
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1651379261620
Frame ID: 66633130BEAB09F5F59F16D3C82B05CE
Requests: 16 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0B127B12FDE879C4C437862AEF09907F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CDCA399B8F2E7349175172A0327F179E
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2649F8BC7216273BF51DECDBF3B725F3
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8
Frame ID: F6C17960828FA03E07729C9FE7F2BE1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=0&gdpr_consent=
Frame ID: 136CD11235489193A5193E19E81BD45F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7889732887532466800
Frame ID: 39EE84994CC0DC27EEFF647E6CCA134D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4F5B8E80AF1656ED4C8B881FC947DCAF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7092619953649940623
Frame ID: 6E1D37348959CD1D7C752049CC7FC8AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym4MPwAF_NNNZQAZ&gdpr=0&gdpr_consent=
Frame ID: 8F42FF92F180B8068ECFCDDA3FE7F38F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JNUx-cH8TXZ8yIhqWX-qLZJGdUU
Frame ID: 5DE983ABE067365CC61301CD0C2A91EB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DE64621ED5BE81ED97FD2C2ABA169570
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 0C06B7AB0790CE22DD67A1A72CA19F16
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1A95E4A26E69D47EB224BF17607F79B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 5F02B7729530CC449A2450C452489D99
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: FF007E5CC607B87C70967C7103DB7E6A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 37492A4C2868B4F8B9A7BD2EC283B845
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsThXjMUUWSbnTXXQa
Frame ID: A39E5FCF16A6E9FDDB44AC155E879967
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 2A26A9B82422E535A57A5D616EFB0BDD
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c88adf3a-793f-4052-bc19-d5b9a8e1fdfc-tuct96791c5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 48219B4C004FE059D3BD328527DBCD19
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 6386B48429A95492E063888B7F64E887
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 762DD1D9AD723B0381B668AAA0D44BC0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 7E7F93CB0AF904943917549D291283FA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FBC9942882F2D0742E4B87FD1A02E8CB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 1D797633E731F24B3C07AAAD287A07AF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4313DC9AB9AB1B22C96F2A831C622E3B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 776E372F617A1CD7B3D9C1F3679C6C5F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E11918B953F54D59205A5ADF6BC16D27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Friday the 13th Cards, Free Friday the 13th Wishes, Greeting Cards | 123 Greetings

Page URL History Show full URLs

  1. http://www.maqors.com/cgi-bin/click.pl?cid=nl010556202206&lid=224961&uid=202812725 HTTP 302
    https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

624
Requests

90 %
HTTPS

32 %
IPv6

92
Domains

150
Subdomains

108
IPs

13
Countries

10902 kB
Transfer

24015 kB
Size

103
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.maqors.com/cgi-bin/click.pl?cid=nl010556202206&lid=224961&uid=202812725 HTTP 302
    https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://web.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dec86d9f1acbc%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff345dc12999fb94%26relation%3Dparent.parent&container_width=320&height=287&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F123GreetingsCom&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=320 HTTP 302
  • https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dec86d9f1acbc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff345dc12999fb94%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dec86d9f1acbc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff345dc12999fb94%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Request Chain 78
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dvis=visible&ip=146.70.117.69&cuidchk=1
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1&C=1
Request Chain 171
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym4MPFKT-l8EbcsviYHnjgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAaR-qwl2IEJ0lZlAHhFgd4&google_cver=1
Request Chain 173
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU0NjAzNzI4NDYwMDU1MTgyOQ%3D%3D
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_Is-5fo0W54VKq2gtvq34&google_cver=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBaTKLy-3IYGw0acNaZSTzU&google_cver=1
Request Chain 178
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 180
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1&__user_check__=1&sync_id=09ae277d-c907-11ec-8adc-19bfd3920306
Request Chain 183
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=09a90e86-c907-11ec-a6c8-1eddb0c50306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDlhZTI3NDAtYzkwNy0xMWVjLThhZGMtMTliZmQzOTIwMzA2
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc
Request Chain 185
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwOWFhNmFlYy1jOTA3LTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
Request Chain 186
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12ZXlsa0FSRTJ1RThqRHhVYk9KUDdWdUw2b0JsZGphRH5B
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDQrleK24Ern11Gnpsc6Nbw&google_cver=1
Request Chain 338
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Request Chain 342
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 344
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7046656612074283696&uid=Q7046656612074283696&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 345
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651465661&gdpr=1
Request Chain 376
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
Request Chain 379
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022050106274267922799345X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth
Request Chain 391
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1651379261103-993207081315-006267-015-006377&biddername=55&key=1546037284600551829
Request Chain 418
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=1&gdpr_consent=
Request Chain 419
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ym4MPwAF_NNNZQAZ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym4MPwAF_NNNZQAZ&gdpr=1&_test=Ym4MPwAF_NNNZQAZ
Request Chain 421
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 422
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685623021286509
Request Chain 473
  • https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&mh=Tc&mm=31&mn=sn-4g5e6nzs&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1651280458984614&mt=1651379129&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgFRXqlbh4XrZvnHDaye9qpKlBf28uGRYUyFQApp7tryMCIEWvQ6G3DDmc7rVp74OZqPQOM4LVpgEyQOUJzSJRkenq&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALd2lYWnv8i_qLsYwWQZbc57V9KNbGuJuLlk_Zg63QeZAiAwbw82zKMbkkJV5o9AMhfsNskYhrkCgnywO9OixjoIpQ==&cpn=F4fgioLb910xjrQC HTTP 302
  • https://rr3---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1651280458984614&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgFRXqlbh4XrZvnHDaye9qpKlBf28uGRYUyFQApp7tryMCIEWvQ6G3DDmc7rVp74OZqPQOM4LVpgEyQOUJzSJRkenq&cpn=F4fgioLb910xjrQC&redirect_counter=1&rm=sn-4g5ede7s&req_id=da17edcc2e136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Tc&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5edn6y&ms=au&mt=1651379082&mv=m&mvi=3&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXlVQg9mC9Qp2VQSSy31iwZuHle7nNUJPCRhzoiO-TLAiAGMMh1nAZVn7kDmaQk9-2RwvGb11EaFpnyBIQjVo7TFQ%3D%3D
Request Chain 513
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 514
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
  • https://onetag-sys.com/sync/i,1/930c626e-0c40-4400-90a8-8bc76f51a7cb
Request Chain 516
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=90TQjaKa67kmYKQDBQ0rZmc95E_oLUwI-sRCj7eUsho HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=90TQjaKa67kmYKQDBQ0rZmc95E_oLUwI-sRCj7eUsho HTTP 302
  • https://onetag-sys.com/sync/i,34/5867207847807012380
Request Chain 517
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1546037284600551829
Request Chain 520
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgH3f7esCDCnRK0rNhqW2IoDpvYlW2e5gLw
Request Chain 523
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=jbAQuplltF_0SSeBnBM2dqZpfb3G-6r9Y2UjH6pcreA
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEw6JXjmJYIYT7kafdS-Mj4&google_cver=1
Request Chain 526
  • https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-j646NS1E2uF2ow2QQph0t52XlZmY.SEgnDvzDX8-~A
Request Chain 528
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d0246778-8aef-5279-8b3d-b8fce953b4b9&ssp=onetag&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 530
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
Request Chain 532
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
Request Chain 534
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4371676325186298398705?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eIHpfo5E2oTQ4afWN2bItNdwl4g_fQRx59HMZCT5IQ--~A&dongle=0883
Request Chain 537
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4371676325186298398705 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4371676325186298398705&dcc=t
Request Chain 538
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 546
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=0&gdpr_consent=
Request Chain 547
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7889732887532466800
Request Chain 549
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7092619953649940623
Request Chain 550
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym4MPwAF_NNNZQAZ&gdpr=0&gdpr_consent=
Request Chain 551
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JNUx-cH8TXZ8yIhqWX-qLZJGdUU
Request Chain 553
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa09VN0UzQmtBQUQwbmVETlBCUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 554
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 555
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 558
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7b2cf66481e722d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsThXjMUUWSbnTXXQa HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7b2cf66481e722d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7GPoEAlsThXjMUUWSbnTXXQa HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7GPoEAlsThXjMUUWSbnTXXQa HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsThXjMUUWSbnTXXQa
Request Chain 559
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651379269207 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 560
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c88adf3a-793f-4052-bc19-d5b9a8e1fdfc-tuct96791c5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 561
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_x2UdoipTJyeME89TY6G-A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 562
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=930c626e-0c40-4400-90a8-8bc76f51a7cb
Request Chain 563
  • https://pixel.onaudience.com/?partner=214&mapped=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=caf998bf89a3cf9cecc4da3ff162d008&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Request Chain 564
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkYxRDk0NzYtODhBOS00QzlDLTlFMzAtNEYzRDREOEU4NkY4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 565
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB8rcwn86bLXMrlK2C7s534&google_cver=1
Request Chain 567
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3134622568505817588
Request Chain 569
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546037284600551829&gdpr=0&gdpr_consent=
Request Chain 570
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-
Request Chain 572
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PytjsCxE2uWiL9sE0SxUyC.R2R6.lmo-~A&gdpr=0&gdpr_consent=
Request Chain 573
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 574
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b40261cf-859a-4c7f-a1f4-0a767c177238&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 576
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3564152428396377571&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 578
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546037284600551829
Request Chain 580
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3996497992623945187
Request Chain 581
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5kv9B-Aa_1f9SvpU5x3mBrRPrwf9Tahb6RrsizkO
Request Chain 582
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 583
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eb5d822e-2a3f-d309-468a5fe5
Request Chain 584
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Request Chain 585
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

624 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.123greetings.com/events/friday_the_13th/
Redirect Chain
  • http://www.maqors.com/cgi-bin/click.pl?cid=nl010556202206&lid=224961&uid=202812725
  • https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a0faf076c9d9ea0ee9b8870e69dbb660866aec0ff5952c800e171b5781978727
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
83
Cache-Control
max-age=900
Connection
close
Content-Encoding
gzip
Content-Length
8317
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 May 2022 04:26:14 GMT
ETag
"863e-5ddeafcce0840"
Expires
Sun, 01 May 2022 04:41:14 GMT
Last-Modified
Sun, 01 May 2022 03:36:57 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
X-FRAME-OPTIONS
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
394
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 01 May 2022 04:27:35 GMT
Location
https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Server
Apache/2.2.15 (CentOS)
sub_categories_R1.css
c.123g.us/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/sub_categories_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 08:49:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:23:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
502671
ETag
"225f-571586732da80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2397
jake_test
Test_Pass
Expires
Mon, 25 Apr 2022 09:04:47 GMT
chk_script.js
c.123g.us/js2/ 		912 B
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/chk_script.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b24a2cb5992e8786101b34359e5b00b71cb48f654cbe9d0eb74133a7e45a569d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 13:28:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Mar 2022 13:24:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
140357
ETag
"390-5db6f762bfb80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
503
jake_test
Test_Pass
Expires
Fri, 29 Apr 2022 13:43:21 GMT
118622_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/118622_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d87a9c310e37578476865ce94343cdb05adfd94c36b4ac7a032a5731b9587444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:21:52 GMT
Last-Modified
Mon, 24 Feb 2014 08:16:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
2203547
ETag
"1926-4f3229808e500"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6438
jake_test
Test_Pass
Expires
Tue, 05 Apr 2022 16:36:52 GMT
341355_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/341355_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b27ce925b6343707504930472b0860d9a545152372785d89de6d99c6f8d591bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 17:40:35 GMT
Last-Modified
Tue, 03 Dec 2019 10:46:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
1421224
ETag
"1f1b-598ca681b7940"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7963
jake_test
Test_Pass
Expires
Thu, 14 Apr 2022 17:55:35 GMT
111226_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/111226_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a51eeb2f1f3b67cce3a83025073a20cbd9ee28dc32a0d3ecf1f60069f1b67ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 01:11:50 GMT
Last-Modified
Mon, 24 Feb 2014 08:16:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1653349
ETag
"1f8d-4f3229808e500"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8077
Expires
Tue, 12 Apr 2022 01:26:52 GMT
340333_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/340333_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ed7ed464c1ef2b95184d30f547a08edd1ca6f85108276288b17bcdd0a44e5752

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 24 Apr 2022 17:09:35 GMT
Last-Modified
Wed, 11 Sep 2019 13:33:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
559084
ETag
"1d99-59247128b36c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7577
jake_test
Test_Pass
Expires
Tue, 26 Apr 2022 19:29:21 GMT
316666_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/316666_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7d244c73005602f928ad42e9fa25b2c1709390c01ab3ca8fd6a629807dcb937e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 19:24:47 GMT
Last-Modified
Mon, 17 Aug 2015 22:55:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1069372
ETag
"3385-51d89b3186a00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13189
jake_test
Test_Pass
Expires
Wed, 20 Apr 2022 11:29:34 GMT
114661_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/114661_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9d420c1b825184f098cba9cc45501cca1613e0ac75fa3549c4114dcd054e1211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 08 Apr 2022 21:37:11 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1925428
ETag
"fac-4f323bf13e680"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4012
jake_test
Test_Pass
Expires
Fri, 08 Apr 2022 21:52:11 GMT
344832_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/344832_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
0ba635a404c78c9b872896285d081d72a1c6a85262593e8896c5e29f8845fc0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 02:19:33 GMT
Last-Modified
Thu, 03 Jun 2021 13:10:28 GMT
Server
Footprint Distributor V6.1.1162
Age
180486
ETag
"1f1f-5c3dc4c8bb900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7967
jake_test
Test_Pass
Expires
Fri, 29 Apr 2022 02:34:33 GMT
111223_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/111223_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
192936c24048b5288ea27ffa31f8e39d0a1fcca839844d879f1e6346243ffbf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 07:04:35 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1545784
ETag
"18f5-4f323bf13e680"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6389
Expires
Wed, 13 Apr 2022 07:19:35 GMT
118621_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/118621_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b073a4a2cf50a04ef23ca8b2d1550118a521729075a3eeb69312b46c9e6fde95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 18:54:27 GMT
Last-Modified
Mon, 24 Feb 2014 08:16:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1071192
ETag
"1893-4f3229808e500"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6291
jake_test
Test_Pass
Expires
Mon, 18 Apr 2022 19:09:27 GMT
118623_th.gif
i.123g.us/c/emay_fridaythe13th/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_fridaythe13th/th/118623_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9654cfbc4275cf90db09a8b45c858a583a3540d0b3ad66823f67fa2254cf1230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 18:39:18 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1072101
ETag
"1ea8-4f323bf13e680"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7848
Expires
Wed, 20 Apr 2022 11:29:33 GMT
cal_block2.gif
i.123g.us/images/special_block/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/images/special_block/cal_block2.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 05:42:55 GMT
Last-Modified
Mon, 18 Apr 2022 05:41:47 GMT
Server
Apache/2.2.15 (CentOS)
Age
1118684
ETag
"5fd2-5dce7374e7cc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
jake_test
Test_Pass
Expires
Mon, 18 Apr 2022 05:57:58 GMT
343820_ic.gif
i.123g.us/c/birth_happybirthday/ic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_happybirthday/ic/343820_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
644e32e5b4393a7fb78af2ac90cc1e45112c1e9993daf50b5e4314a95272b71d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 09:18:37 GMT
Last-Modified
Sat, 04 Jul 2020 07:54:25 GMT
Server
Apache/2.2.15 (CentOS)
Age
760142
ETag
"fe5-5a998f3440e40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4069
jake_test
Test_Pass
Expires
Mon, 25 Apr 2022 14:52:06 GMT
default.jpg
i.ytimg.com/vi/jP3JIXFFBqM/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/jP3JIXFFBqM/default.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
246aed237957e138b57bd8d77d62cd8f8cd51b40d68a448849773a5196e732e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:26:11 GMT
x-content-type-options
nosniff
age
87
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4799
x-xss-protection
0
server
sffe
etag
"1420408671"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 May 2022 06:26:11 GMT
343275_ic.gif
i.123g.us/c/emay_mothersday_happy/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_happy/ic/343275_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9e860e08c06655c597a3ef22428c270bc88f67e3204c73cb2738490b193eab81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 03 Apr 2022 05:59:43 GMT
Last-Modified
Wed, 06 May 2020 11:06:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
2413676
ETag
"ae1-5a4f8c07fd100"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2785
jake_test
Test_Pass
Expires
Sun, 03 Apr 2022 06:14:43 GMT
118996_ic.gif
i.123g.us/c/birth_wishes/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_wishes/ic/118996_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6ec673d424147e19640e15aa01cc5d7fcded63feebc1db7a75e91cbbfd2f1151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 12:48:46 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
488333
ETag
"b97-4f323db63d340"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2967
jake_test
Test_Pass
Expires
Mon, 25 Apr 2022 13:03:46 GMT
122691_ic.gif
i.123g.us/c/emay_mayday/ic/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mayday/ic/122691_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
15a2a4988264a8573fe8916288d37fc69d656b6b6fad056dad08558437bcd828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 05:04:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:05 GMT
Server
Apache/2.2.15 (CentOS)
Age
1034605
ETag
"c9c-4f323de403f40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3228
jake_test
Test_Pass
Expires
Tue, 19 Apr 2022 05:19:14 GMT
330286_ic.gif
i.123g.us/c/anniv_wedanniv_couple/ic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/anniv_wedanniv_couple/ic/330286_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dad4127a2c2ec0b83670955fd8934c6b1ecf84a09bbdf8ce4cf64d48d920a660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 03 Apr 2022 15:53:43 GMT
Last-Modified
Wed, 16 Aug 2017 13:46:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
2378036
ETag
"ea0-556df1fd064c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3744
jake_test
Test_Pass
Expires
Sun, 03 Apr 2022 19:10:33 GMT
1.jpg
i.ytimg.com/vi/reS2ujkNpVE/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/reS2ujkNpVE/1.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71190962c30ce4f939a80750acbf377bf3db13baad60285be9a321d0ac0d87c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:53:48 GMT
x-content-type-options
nosniff
age
5630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3651
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 May 2022 04:53:48 GMT
333137_ic.jpg
i.123g.us/c/anniv_anniversaryetc/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/anniv_anniversaryetc/ic/333137_ic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c65b1c64ad4e1945b0ecd28f71b805c5190a05a0966a99cfb91038e36197274b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:01:12 GMT
Last-Modified
Mon, 19 Feb 2018 05:49:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1866387
ETag
"b49-5658a41992100"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2889
jake_test
Test_Pass
Expires
Sat, 09 Apr 2022 14:16:12 GMT
108291_ic.gif
i.123g.us/c/emay_mothersday_fnd/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_fnd/ic/108291_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6c05bffc05b2e0aa6624410cc165e71b8bfb142c194445d4f562697525952885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 09:05:13 GMT
Last-Modified
Mon, 24 Feb 2014 09:45:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
501746
ETag
"bde-4f323d4c61980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3038
jake_test
Test_Pass
Expires
Mon, 25 Apr 2022 09:20:13 GMT
114931_ic.gif
i.123g.us/c/emay_mothersday_friends/ic/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_friends/ic/114931_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ee2316027ec829664d19a7aba850fac1c9571868fe1b0e7ccf2785ba4b8223c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:30:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
827829
ETag
"d9f-4f323c415a380"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3487
jake_test
Test_Pass
Expires
Thu, 21 Apr 2022 14:45:30 GMT
108553_ic.gif
i.123g.us/c/emay_mothersday_thanku/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_thanku/ic/108553_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c553bc6d4197892195254f1cb42674c389d707ac0d14d5991498b71df387fb42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 21:43:09 GMT
Last-Modified
Wed, 05 Aug 2015 14:11:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
1493070
ETag
"ab0-51c90fb81a800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2736
jake_test
Test_Pass
Expires
Wed, 13 Apr 2022 21:58:09 GMT
115133_ic.gif
i.123g.us/c/emay_mothersday_spl/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_spl/ic/115133_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2e70b95187413dd77af768241edb06048a29166119b2f2601bd7b0bbebbedf48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 13:23:39 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
2041440
ETag
"c85-4f323d7d04c40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3205
Expires
Thu, 07 Apr 2022 13:38:39 GMT
110920_ic.gif
i.123g.us/c/emay_mothersday_flower/ic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_flower/ic/110920_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ab72139e2ca040967d2a00e0c52d21ae4b6e2e0202480bd42d906668425b70be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 15:19:52 GMT
Last-Modified
Mon, 24 Feb 2014 08:20:29 GMT
Server
Apache/2.2.15 (CentOS)
Age
824867
ETag
"e21-4f322a4f80d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3617
jake_test
Test_Pass
Expires
Thu, 21 Apr 2022 15:34:52 GMT
2.jpg
i.ytimg.com/vi/JvQIUvyeJPI/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/JvQIUvyeJPI/2.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d92c348b2211f148347f619033982109eab7b58e641e19d907bf51535de2f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:44:01 GMT
x-content-type-options
nosniff
age
6217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4781
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 May 2022 04:44:01 GMT
108540_ic.gif
i.123g.us/c/emay_mothersday_humor/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emay_mothersday_humor/ic/108540_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.23.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ed74ded0ef986fb21bb6e522b174ed9a742195f9cf36a0543b03679d155f11e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 03:21:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:35:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
867995
ETag
"bd4-4f323b224be40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3028
jake_test
Test_Pass
Expires
Thu, 21 Apr 2022 03:36:04 GMT
jquery-1.11.1.js
c.123g.us/js2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery-1.11.1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 00:55:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2086316
ETag
"2c463-1762e-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33234
jake_test
Test_Pass
jquery-migrate-1.2.1.min.js
c.123g.us/js2/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 08 Apr 2022 13:59:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1952879
ETag
"1cb3-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3152
jake_test
Test_Pass
Expires
Fri, 08 Apr 2022 14:14:39 GMT
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 10:14:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1188793
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Sun, 17 Apr 2022 10:29:25 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ab6d4b2d4f6660e0cc5106868e09a73e955c90a0dbec418cb63bae5a04a713b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 12:44:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2022 11:14:56 GMT
Server
Apache/2.2.15 (CentOS)
Age
1870990
ETag
"2c7d9-1ed4e-5da6823d26c00"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30673
jake_test
Test_Pass
utilsopt.js
c.123g.us/js2/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 09:39:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:40:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
326881
ETag
"2c7c8-57b2-5b3459d6f84c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
123g_subcategory_opt.js
c.123g.us/js2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_subcategory_opt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 19:14:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 12:15:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1502007
ETag
"2c43e-2257-5afe5ec74c340"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
jake_test
Test_Pass
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 22:18:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:01 GMT
Server
Footprint Distributor V6.1.1162
Age
367739
ETag
"d4c-57300e747f440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Tue, 26 Apr 2022 22:33:40 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 21:13:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 12:46:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
2531669
ETag
"4ec6-5cbdfda4a4800"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6384
jake_test
Test_Pass
Expires
Wed, 06 Apr 2022 20:08:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
945fded9f02612352e9007f26cd06ced4831783ea659d649f4bc34aae5ee0480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56269
x-xss-protection
0
server
cafe
etag
11949036174092313826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 May 2022 04:27:38 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c4538d97d55856f94cd19d0b65d629faad54c6898eeecd82021b6d347727803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38778
x-xss-protection
0
last-modified
Sun, 01 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 May 2022 04:27:38 GMT
styleopt_R1.css
c.123g.us/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 13:24:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 11:38:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1868579
ETag
"13f87-5c3625216f1c0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
jake_test
Test_Pass
Expires
Sat, 09 Apr 2022 13:39:39 GMT
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 03:44:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:38:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1471400
ETag
"24874-8220-5a7b79c425580"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
clear.js
s.cccobh.com/ag/945541/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5c4bbed69def281dd2ada59fd5852c8425fef0b51b75d6ff589f0b771748d763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:38 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2695
Expires
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f439da2b4f87dd3b7c06a31cb213dec434bc9a09e46d2b4920156f5920340a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
arSS4eNTlDCg9NtToyfB2A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sun, 01 May 2022 04:41:06 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
I2JtK9HOwqBAjpTL1oRidfUdcYQipTGwFCvKQ4A8XsPmyaLV7bevVd6jMJE8UIRaCqgBvcLIAuqqQbwzbTHxUA==
x-fb-trip-id
917726464
x-fb-content-md5
764eb64612461992c3830a1e00fd64ca
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 01 May 2022 04:27:38 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9c5f815bec93df62e33489dd6736b4a0"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
123g_master_bg.png
c.123g.us/images/ 		145 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 08:36:40 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Footprint Distributor V6.1.1162
Age
1021858
ETag
"91-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Tue, 19 Apr 2022 08:51:40 GMT
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 24 Apr 2022 12:31:50 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
575748
ETag
"1861-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
Expires
Sun, 24 Apr 2022 12:47:23 GMT
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 10:54:33 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
1013586
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 09:39:29 GMT
Last-Modified
Wed, 11 Sep 2019 08:41:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
326890
ETag
"21653-59242fbe2e0c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
Expires
Wed, 27 Apr 2022 09:54:29 GMT
master_icon_set_2.png
c.123g.us/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 00:15:57 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
101502
ETag
"9cb51-15fce-5d80a1da24680"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
123g_master_icon_set_2.png
c.123g.us/images/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 13:33:14 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2472865
ETag
"9d063-f1d2-5d80a1da24680"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61906
jake_test
Test_Pass
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=546c749c93fffdd511b9356c58dfc6d4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d302bdc556dbce7f2f365a219fac9da0ef249e53e44bb556cb8da1317b8048b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
Origin
https://www.123greetings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Jwe3IFtj9lM0zT5LS6Oadw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 01 May 2023 03:37:18 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82897
x-fb-rlafr
0
x-fb-debug
ynDBDXm5rQZ8NZi7wRLXf1gZxiecVaY7rDrLvyYSPel5oFmy3Q5BHlolGp0F/IxEw7KwrBqm2Gh5Rackocoydw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
855a6a648c7da247189f05e888ef3b55
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 01 May 2022 04:27:38 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fb50530c4f74e728a84d52bdf6870bed"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?oz_pl=1&c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&_x=1
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.cccobh.com/2/2.55.0/ 		156 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/main.js
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b79508b243b999e71169eafb9da87dd884fca915bf6aade2804d95749fdd327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:38 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
49987
Expires
Wed, 07 Jan 2054 05:39:30 GMT
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?oz_pl=1&c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&_x=1
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259092&oz_l=227&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
5c9d44be-0ac6-4454-801a-eafa8bd3cd42
https://www.123greetings.com/ Frame D262 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259244&oz_l=6607&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259394&oz_l=361&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.121.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-121-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f0714ed090a443ed91a091e279cdd153d7510c7fd624c6b89b9558c4596f944a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
734
Expires
Sun, 01 Jan 2014 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1245dccc24172ea7ab5792b2eb12405ac8b1b53f3fef8780e2d1d445877f8188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112589
x-xss-protection
0
server
cafe
etag
14393541441258806928
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 May 2022 04:27:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame A778 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 22:58:53 GMT
etag
3347421328414474149
expires
Sat, 14 May 2022 22:58:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
addressbook.js
c.123g.us/js2/ 		401 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:18:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 08:44:13 GMT
Server
Apache/2.2.15 (CentOS)
Age
1778939
ETag
"2c7ab-6427b-5cad6f43cf140"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77386
jake_test
Test_Pass
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2509fe7526a049b1f538f3e12f57aeba33b64acd4ed219adb5b5f61ef3f1d83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
etag
"1201 / 890 of 1000 / last-modified: 1651270180"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 01 May 2022 04:27:39 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 14:18:45 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
742134
ETag
"42a-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Fri, 22 Apr 2022 14:33:45 GMT
/
www.facebook.com/login/ Frame AD09
Redirect Chain
  • https://web.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dec86d9...
  • https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dec86d9f1acbc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff345dc12999fb94%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=546c749c93fffdd511b9356c58dfc6d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 01 May 2022 04:27:39 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ofYpE9DcOYljFim2Wh+EwOavYJsR2gENlHn8kTKwEWNxdF24yUo23WH7lwmZZlaMhirBjNgioGZRPmqrem5CHA==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
date
Sun, 01 May 2022 04:27:39 GMT
location
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2dec86d9f1acbc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff345dc12999fb94%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
X4ogT2GQJMWMmfAezg6NhztLvx8SG+UowxYYM+yYrGp/MCPStp1JfgvL78w9Lk0TctteDxtqzMfFH38pPZ3uJw==
x-fb-zr-redirect
02|1651465659|
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
510
date
Sun, 01 May 2022 04:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 01 May 2022 06:19:09 GMT
pubads_impl_2022042701.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 21:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127773
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 08:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Apr 2023 21:40:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		525 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
97b976bbfa4e15abbd516446d1640883f6d34fe71c98bb1f43138a35490aedeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216
x-xss-protection
0
expires
Sun, 01 May 2022 04:27:39 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2185e02db13ef019ffe2fb1e718be3060b9675373218fd20181d238fb79c5145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CE29 		140 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1651376217&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379259469&bpp=2&bdt=1900&idt=82&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5072026763038&frm=20&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379260&ga_hid=2116933866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1233110370848255&pem=846&tmod=737062077&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c3896549729445a66265426c1b92cfc91a8516f495db0b821382101aff2d98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
36259
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Sun, 01 May 2022 04:27:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2116933866&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ul=en-us&de=UTF-8&dt=Friday%20the%2013th%20Cards%2C%20Free%20Friday%20the%2013th%20Wishes%2C%20Greeting%20Cards%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=461419981&gjid=1474990606&cid=1102668645.1651379260&tid=UA-5085183-1&_gid=1101601566.1651379260&_r=1&gtm=2ou4r0&z=1444597458
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		205 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1233110370848255&correlator=4060895829572684&eid=31067353&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_SubCategory_LB%2CDesktopWeb_SubCategory_Mrec%2CDesktopWeb_SubCategory_SecondMrec%2CDesktopWeb_SubCategory_LowerMrec%2CDesktopWeb_SubCategory_BottomLrec%2CDesktopWeb_SubCategory_BottomSecondLrec%2CDesktopWeb_SubCategory_LowerLB%2CDesktopWeb_SubCategory_Video%2CDesktopWeb_SubCategory_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&ifi=2&adks=3914305483%2C1127719608%2C4293624944%2C3694362538%2C3926068587%2C1178609660%2C2276923048%2C933155397%2C4230775942&didk=149493924~149493927~149493926~149493921~149493920~149493923~149493922~149493935~397689758&sfv=1-0-38&ecs=20220501&fsapi=false&cust_params=site%3D123greetings.com%26section%3Demay_fridaythe13th%26page%3Dsubcategory&sc=1&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3ART%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&abxe=1&dt=1651379259629&lmt=1651376217&dlt=1651379257570&idt=2036&biw=1600&bih=1200&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1870%2C2152%2C2434%2C2722%2C2916%2C1157&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x2896%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&ga_vid=1102668645.1651379260&ga_sid=1651379260&ga_hid=2116933866&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
36501dd26dadae5cbe8dbc7eb24dfa4146e64e29cca11136143371656e41d353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43194
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,237051975,5984529975,5461263814
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,-1,99278302815,138388526769,138321279906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A591 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Mon, 01 May 2023 04:27:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=1102668645.1651379260&jid=461419981&gjid=1474990606&_gid=1101601566.1651379260&_u=YAhAAUAAAAAAAC~&z=524166566
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 01 May 2022 04:27:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259597&oz_l=127&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259773&oz_l=254&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
d3a9f78c-6f11-4fd7-bb52-fd0450c4d3f4
https://www.123greetings.com/ 		772 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.123greetings.com/d3a9f78c-6f11-4fd7-bb52-fd0450c4d3f4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d0c6f13eb885d7b2357ca0670b795e463a5e3f204383b3cddf94cc02b18407

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
772
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpeci...
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpeci...
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dvis=visible&ip=146.70.117.69&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Server
18.215.121.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-121-182.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 01 May 2022 04:27:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1998573461.3989449&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dvis=visible&ip=146.70.117.69&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
027bebdc66e1b93137d273034437d1e31f409abc678f455a233d50d8e8386a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52957
x-xss-protection
0
server
cafe
etag
7133624110957967853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 04:27:39 GMT
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379259958&oz_l=4960&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame 1A32 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 23:36:33 GMT
etag
3347421328414474149
expires
Sat, 14 May 2022 23:36:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.250.188.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 06:02:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2499925
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Sat, 02 Apr 2022 06:17:15 GMT
css2
fonts.googleapis.com/ Frame 1A32 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 01 May 2022 03:04:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 01 May 2022 04:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 May 2022 04:27:40 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A32 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 22:19:06 GMT
x-content-type-options
nosniff
age
22114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 30 Apr 2023 22:19:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A32 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:02:16 GMT
x-content-type-options
nosniff
age
5124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 May 2023 03:02:16 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 1A32 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 00:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14021
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 00:33:59 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9182 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:21:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 9182 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:22:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9182 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9182 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9182 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
3c09399fce195357915a25abcce0a496.js
www.gstatic.com/mysidia/ Frame 9182 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12188
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 23:28:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 09:17:23 GMT
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379260131&oz_l=5120&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:40 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Mon, 01 May 2023 04:27:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EE9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Mon, 01 May 2023 04:27:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Mon, 01 May 2023 04:27:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8834 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:39 GMT
expires
Mon, 01 May 2023 04:27:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 10F3 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 10F3 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 10F3 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 10F3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 10F3 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
truncated
/ Frame 10F3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b06a05f49b9b75bf1aaf6c22b962d17e7a864d2723b62cc59a206683f3153bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 1818 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1818 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1818 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1818 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 1818 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
150982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
truncated
/ Frame 1818 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe6070c39e3a288a3d2820214e8c59c290e7cb7a5deee00b56142b37c89d26ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FAC3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPCgJ6EVtElTGx9HFK_dZYEZZAnjyFzf54S6salDCGQCYeXp7U3PBrbKGwtJZMQGK7hQFYOcVsP-qExZ8QFZcFv8acafqea27OAWh0acsL3MLCgYWb6UaqcXcmTTQ77tooXKBgTSWXEB8TeJ9x_6Jmn4c82vdGI0lArLtc_E49eaPuKeuPN4No0dGJgFjhjwDYwE1rEhvuAzVdG8Oo0oLRw34X-Dq5vroAlBo1wMyTYKXUlso0q9rXBfBEjuY8T5P6tJe4eCkPTyn4ve6oRhhYgqcUOGwjYFFrMhJCGggMlvOcogD_RbtVz8Zw7QHip13NUbyQ3OH2bgrYH2oamfF-&sai=AMfl-YRk7tiVeBXi9rwGpmZsoM2xzbyToD4anyPwBq0oylMaXGBr_W5qfVkhS1fz8jIGlveVuYem2BC-5VQVF2Q1IxUReTvH1LAUyVjxpFTJzl9s0cqtD7Nj7T77J8LvXTGiEw&sig=Cg0ArKJSzIzv4pOd5QD7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:40 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FAC3 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c035b53146c5836ad15fd76a3ad6a88eacc79223ac85cb46f09feb20f9666fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40080
x-xss-protection
0
server
cafe
etag
15963900022095674132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 May 2022 04:27:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAC3 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3017 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup_KWVt7eP3q_PJUWaRKY3PeL9PR9JaSrI1Gi09A6hBMgq7PyO30yQzXrWwCUvWmkLgtNOG6OXEOZKjGTqqJD2lroVy0THk2mCBnDoGNLTKp21tGXOvOcg-2H2j9Nxel86JSlXAy6nHFHRY6cANkuMLDfvkwTTcfnwCEvJn9Z6UU1fmJihYWYUwD5R-rPbnrKEtK4dIhnYqhvlASKzZgTSEuihvQ3sWF-bpfKAAF79vDbNuMRcoS7V5q-7yeu4yaLVsRw_gE2MLZU9ijzLi3qZMYf6m7HD6HsJBbNxDxkl9U4bI8N828bDa_6bxr-VdeiG1S4qsxEhvK7FtOmzNdWE&sai=AMfl-YTRyEtOGAGbdYf5sjXXMUY46A-ADI7XbItxzfiOWL-rT1E1Jc3cS1Va2tRIBxLIFdMWRb2guQguSmUJP0MJWLM50FTLmSdsWiOANuvjWoYjceMcb7g7Z-H2bQnAB8w&sig=Cg0ArKJSzBuC8n9lbPN8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:40 GMT
spt
tg1.selectmedia.asia/api/adserver/ Frame 3017 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7f170da7913dbfa8716275574ab8ae59798322a2b1da826648bdccdc213bddb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5590
Expires
Sun, 01 May 2022 04:32:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3017 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9346 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUhx3VLNBEv-NYGk2pGGmyEBGZKsr2jr9G328mifnVM3qds07cGnGASa1-jGDMD_l67HwKRiR2zrRQQrHKv2GzKAr7nu_DGflNZfuAbnBlrPwhQkQGeziNH5w0Enw3eXnSX3CVvKQdQKCJC90_tmJ0-0yjWlJLokQJ50KGheQvDVliBK9pvVfcYnRR2jh9-pCbTmwlX44s9iYv6CZmEQZ5EKpH2vXiLuPjVRIVck_XAP7Fb7p3csxz4EoLKNiyH-dlT0oCOe2mcLqsxGgws9fKJEi_ih3BjB8Sn1tvuBXNZO6wn5Y5zFb-mkh9_fQN_c-5n02w9xf-ZH58n3LG3BkYqFjEDJpIOAtY&sai=AMfl-YTxvUUc7w7RaFDcsSSD6yOlsT-44B684OojSCqM1mVL4CYY7NT0hV0NkGHSN7AnDcNwh2JK0pODofsaM0_2RtoIJJvPAbIwFz0w_OcISlvpQ6b_NG7y-l8qhRM81H8&sig=Cg0ArKJSzN3go32XbxgaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:40 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame 9346 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 09:58:31 GMT
server
AmazonS3
age
63609
etag
"cb2b3e45ae50a1cfc9646f528ea92b50"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 30 Apr 2022 10:47:31 GMT
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
31281
x-amz-cf-id
lfVdPqRxo_S7yDzX8RS52sI4DjNZRzTDJPVgTL8PbR6gbbG_NpKpBg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9346 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
10741900595397069241
tpc.googlesyndication.com/simgad/ Frame 10F3 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10741900595397069241
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccacaa54099a7d166556e98bd472ed1d53186bcb5fffc692f5135d34cbefd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 03:10:00 GMT
x-content-type-options
nosniff
age
177460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128861
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Apr 2023 03:10:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10F3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
67562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 01 May 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10F3 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
66875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 01 May 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 10F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI-I5jhFxL7eWbSv9OQqzXa-x6eRCs_Qpwjx1GYSr7dHap5fjLOVqWizjIU8X_hnpeEmsUFKIMEqJgxnPRDCRuzYpMVw
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 10F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CECqdOwxuYoP8KsqW9u8P_I-Y6AO-rJ7raZqvlZj1D93ZHhABIO_2kCFgleKQgqAHoAGyhq70AsgBA-ACAKgDAcgDCKoEgQJP0PfdQJI5ChwBg3V0YKoJK0ynaBaEfCd10u90qLERcVDgtgmW_Xw-0Bh6DdSPTRYl0ibuTXo6Vs6gxUcsE2CKZaexbkgYpJvM2NnDrm-YjgMfKe7EdgjcB9sBFcEBdWGXZediHUb9nb9mpdD_uxFPlkkaTYcci318BLUJiMv3wgCW_XIpnnlb3yi_nt7tAxHVVxQJUTnkgvW-GHrfl0oMuWbdt43wuiNzOhaPT-4MAHKE147VL73u8JCUXqJdDZ8IeYOAVznYQqRjCWJbSWR-pNlgDAMOe4165f7NuHh3Sdlpv-dd7EwO1OaL4dSKiXLoF3nI_exfWU0bVskDM0xfDMAE3rT68O8D4AQBkgUECAQYAZIFBAgFGASgBgOAB9_J648BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlPMF0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQ2Mjc1MTc2ODAyNDk2NzAY_9cX&sigh=Nzo412GlTyU&uach_m=[UACH]
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
10741900595397069241
tpc.googlesyndication.com/simgad/ Frame 1818 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10741900595397069241
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccacaa54099a7d166556e98bd472ed1d53186bcb5fffc692f5135d34cbefd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 03:10:00 GMT
x-content-type-options
nosniff
age
177460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128861
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Apr 2023 03:10:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1818 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
67562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 01 May 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1818 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
66875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 01 May 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 1818 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM73bd6zxA-OpXGatsvoSGLIYZdAGpr_eA3XDZWvZ3PUFNQCs9L4I2Iaxj5uGV_Y4d8D2dng1bDUzx5uQWBIkGns91kA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1818 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAHNdOwxuYvz8KsqW9u8P_I-Y6AO-rJ7raZqvlZj1D93ZHhABIIXskgJgleKQgqAHoAGyhq70AsgBA-ACAKgDAcgDCKoE_gFP0EVMwUGx3WNEntzPoXDQIzSeMgFCk8ZvS9IJhYHtrfaAiQ2_ENUP2esHN5m-MAsB5rZSm0zbeuES6WdilPul_oqP7VYCUtimKYznJMWbqgGLMywPi7MwYLwnwWSBbpz39qugi81El88pjC2mSF_HZjRV3d2RS8UQepWmZyDAaEiVVWSwUyefgV_u4kX2YEMMyfQf4DJ1DHrQMZGdNQJY2YvkDi_m1onPJTOflygLQIfBf1bp9wFZ1N3umPKSbtgXXWuDdhI_tMIJCQyQdFCr-XH3m2Ah6YzKoK2AzVLyUHJQXtGyYUqCes5uldYw_3Y-gGA63BR1erk7T822eMAE3rT68O8D4AQBkgUECAQYAZIFBAgFGASgBgOAB9_J648BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxZEJ0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQY_9cX&sigh=oQKsFDtLvW8&uach_m=[UACH]
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame D924 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9F6B 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5wkPhbTiTWnOopemgtoN8GfVQkVh_cH-djJTvucVku8-7P305lUtU9PpQJ6YB7C8jvZP-tpHGmukKwS2d19Q2GFSf8vao7bE1UDkli69sH0YRBPej5EJaTufnAP_FH_hIMZpPVs8W_2sn6BtSwXFapZlXzQ&dbm_d=AKAmf-AT8H5zk5qP2REJvdlofZRLFdIMg3y3sTnN1rLXuU-VJ6taWafAlYthgSS48Hdq2iDxoMw0pXhXoPct4Bz4YBbiyoBBAldUeH-F-1oSTA3D6iCVoaFKpDnFTkolYFBPuZzlMvoqJHqaDUxRqHHJeOPlO7457Tht0ugJ4fGM_73rlLMERE9hg0GV2NJeNGzwKhIS6bXYnNpcjGUrFMe2tGgqwh2JU5Jni67JBjuHNKPcQStvfKJdukiyt8x5SFdM0lcMs0TcZYHxI92mcF6Nbz2YdrYwdxPn3ACGoVWlfnx3a9olltpJl0rIKl9yTlPCwgRStjGdKQa59dVQikqkNHzlfzJmgzl1NoP5kO0BG0CgFTbjYZYj7V55Ljjr7HrV_wztbhVNi9pZZAx7s4FBRBwUzP7jvAVgAp0Oz7z695LrecaTAHuf6TMSfs1uQpjeRA4ZkjlTRZB9DmGYDixKi0w0x7bsEZVcYU-ZDoqtZFolnvdg-VfOqe27Ss0QSp9Zs36z4j7SYlQ12r-qjhmquygbi6XSn0oJKNVkdyA-S8xnN1r6jZzGh29oFmBr8AczrbM1DK3vpXKGsRSB6hDdYKf_AfQ1eOCt6rqc1xSUZAU_fgU4x4S8xDFZ0LsxGnHVoKxmbEOrcTe_LRh9tXq-SxWxS_DHN0i-yM2OuVKuY292nKo2eUnZiutOKg9zAefsGZWig4s8-bySjWo5nsd2Uaengvt3ubqCK0selMSpsezszttB3deIl5O_1fJObiZeaysoEZ5xW-aopYbnQNH7_-N_1boz8pKusCqnYUObIS894aHQaMwFv4iByI06Q83OK1xk1BtbySLP6QszgcUZ2kEgUAHs0tYv2IHF3EcmardoJT0kpx8Q8Pzdk-RH2ij5lKCJNkWZvT_MvngHhRrhECtxvJeDsX90fxdpWGldPh496S4mhUNsvEQ-qwvebx_R5roBkOGfIAvijgOWMsk8NfqpLqcTOOGxNRSpJT6np90e4TwNG9KN1y4mR8mEdrYtlih4OXTDUvPD4ryNuKe7QvhDmRrTD5GEptuVTAp8cwXjYIIc2KlB2dvhXVUIuWZfPJrHmyEuFCH_1w8l4cDWt-QXZndEWYz96GlWoYNOjQLSK9g8xfRJABMVxECOkp5KSk4VmNcGnZHmf52gI-PHJuJrjPN3h_u_2x5jGE5h0pn1bScZmt7qq-I4v4BRF4bUKzdJijHqQuWI-zE_iqBnK0a5SvO6mW-dpzxmxaLLfqDW_xT_Aa6CEx61VN-PzZB0kY5AzUqRK92L6OavjyqD3Fya2yez2-cZbNCmtHidk_skeD-U1ZKLUZiARGX8M-s4xVvb0XyXHttvGflDEOzWCA8YenU8p1QE35dZEl1bv2HNB5uI8ov8tY68t_mYG0dVq8eY9OiFI314GXNdBw4ewklyCdqn9vdh_jyyA6ESkw2YpdnPTgmUXN_X74Iwi9W_YYUYiM6ps7qTudr7F9BDJRlkARwpBUGh1ipugqSZu4dq99D2uQEfCTGaWH3UeKjO2gbrYL1fbN6iz09nM9rt-V672ErMeVxfXR636395D8ZZYLjr-gPX8F-Hbw7tPDBMnOGhTRdCbdcLZzSZeczK6pXrgTUgKcjldd4pMZmOrDxe_jEPs8TC5Bwibn3j_B7bLCHmYBuJ8F5hgiL9QUmz-W7B0xDVc3uIL81anJ7J5nQ7oNztXLvIdUliN-FGcnSItgULVxEV-7EWBVjS4s0o29m_QEwGOEl0ZOmVQ-fOG7cqTnzZjAMX2IJD_AwYOXpIvbF-G1rXFeo1IcF90KfRYNFSgvkFfRp6cdK4bGlaNm0yeR2vqFsjIvsOx8VYDhbt9UBSdQBd3fAd8ulQYpDbd5MeuXJj_jycRB_4t781h7MBigcjcdo-WnLXxKha11NSqtyETyahdKbtNc923olXqBbAlS38O9Tcza0VBhZA0gQjHcm0Y4xiTiFZHqovQntsTDiN4uZt1RouDudh63jFzsvGafDpuV3tgTw-41mzMJrE2rkGDM6PRNUvzV--i5rUeKcLct4hL7GXRgHSBNHNpf-oI8FTxDevSluo9qNQzLXnt1jDnIx82uH1TXjlmPv6-GRz4Gxhj9KQSitSFhDB9OzZc8oVYfCGLREpQsQhmeaDyf7EZWnNX_ubaq4WvYEGy47eGsrJvk1GPjnq_PTLCQ8Nt9dPtLQwEvOWJml8RQ2xHHJ_Un5FumfxTJ96UA2Y61fYs84T7alplKgutPwXXuNvUW6O1Utdy-BptIY0efkyZsq6s-xThlzUEo8Zh2Iqo4InZNNANwIH5aff4HQtomkNDs4rwRFH3IYAY-bxQZOZHCxHt4x_MkQJ_j4oFVk2FiuQguUww6s1tELMPZ9pQTX7vqb4yJpMlsgoygfsAIIVKV-h89SnNKWyP8VQfKHYgunyjPPJ5ugmxmY6jYJ1YrbB_MkitONwmLFw4V_qFCFdc08dLQiWeMlgu5t7McRVlmFUsS_gz5JQyp0y9GddVtp-JX7ENVAdCL8sFxoN4hEzC60gCczQm8bQ0kmrPhl1au_sQSMVC-nyiT_kOC_vOI4keboI_BrALw1gK0sukg1yRnJ5rIu8TGoMPg6914BZWKCwYIFVPzVUVi4ceDVXsYOuzS1kvS7dfwtWwQ837vj9nm0N-4P5SfXZ3buGA2pRJgv0QF0AcGIVBOQXHUZwfKZsdyO3nRBc7HBofjj4YXxH9GdQ4NDqdgWv2geCSS-oZNl4ItRDnH6IJieVvpHis0v98p9fRuwg-QwmUjNXCN7ck2rtwobkGO-w3LgymnATuzt71iM0ifAGBdun9DCtuwXMLW0ETfpUcT-nUG9CFu169SZK2j8oCrD6KVFFXeoJ9WYbqjOwM3vt6X_NaCaZW1sVNepsNauChQwaxf1E81eUVsD0h3oxzj_XaTbA68QfulxRLNq5qCCCALV4UaQr_37kT3gwQ-fK3kCD1YW3x0Bx3d-rQOHI7DV20QXjuxC6UnncrjB1_KtqO0Tv3PYiOuF-uqtNzB2s5xPskgm9JRPd4gXDB2fNTgTxNwKtI8MLbwpBjx7leuAbiJjplAA-jTncwwzXPBXCz1zLIBJcmPcGb0yqK9Xh3eyfulrGZ3THw6XC18W2IAmQOeHnH1ZLQoo8YrMzLl7B-P5rCM5kZDh1MW5g7s6GLvEP4UEjctJIQm3zToYyDnwK_WuSPMa6GTTbbpVCi5TNLu61n94DD-B5n9q0_XCgjYwSWaX5oTcLJyiPG7ehtBTpfWNGu0yHGm2ds7Td0vd9RVXOJbNxVVfcEF9UP3rscPAwEez_zUI5HXacyFdu1lN0Zv2Y2YCqBCddPgMISQ&cid=CAASJ-RoGaGL6rRZl4SWWgVLYKY3Qqt8CkQzLfEsjeYwVXYlDIbcGZmm_A&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4f5d3feece2539d8d11387e1a3f30c58c4c4a3c6a82d5d116c091297c63dbdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33625
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F6B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ba0P8gLLgNxqrF35l0TJIUMNeSSrQgjghxEn03m_d-zb4AG9Z9Z047UuE0pvrQ9sYlZ2ahjmDHO1p_W_XOreQDcTEceOMjS7ezoPB2Sff2jdS3p-c
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9F6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F6B 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9F6B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
l
www.google.com/ads/measurement/ Frame 9F6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVYKvWuAw20alMxiDA1ggVPOAFteMADaA3PRvOq0FCjgYSb1Ur_0mCOCzJIuRPlWxpU_zfImZMCj54okMeU6bOvvxOdw
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A18 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6EE9 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXS1EJquyTEK4S4SbJE94SfNZKxR6jby-1WmzHGOPeer4cvWxNSqEbobL98ehVMCiB21yugzN1F5ocuZ-v8mqVnOD76N-Ry5MqqbRNkqlxXvrLJBfEWVhr0B9pMTCNakNp8gCtYlmzphr5Ea41Xox2RitLcg&cry=1&dbm_d=AKAmf-D7hP11jEarRyOZN3PgLW02aaReigjDqGei1jyd_BRuyU9M7xn_fN4C9RNCskwRpHZ4zh-EjoKYBqB5-FS74BODFU-esjiBHulJoMc5AM3E7Argh_aQRGHZS12meqSyp67QGLRF1_dKyRJQKPwqcaur-4nwGpksdDFBi1r_1Pp5bfErAPr67FRntDmlTuPtvCC9ciU42WmpQNvsCvxU-75xYBPBCMC0rIebTCRN5Yh_6XV2y9mo5JqitqqaLY-Rn-1x7-4Neqx1k5Zjk8ImiQ08BmaC_xGNtpfmir6Acpe7GY4KDxSPUD8VrB7yTYK_L3H_q_t7wNtholPSeiOyLxwIob9JbM3t8HBytDc4NdAw7OCQRcjRWql7p6QwClC-K8HvpNZQyYeVNuJ0ksrTNARHK1t1GsHQZcXtSJ8ub3l9eoe78u85fFqzf6cp2D8MLsiw20paQ9IIxZOj2Y5wVkhnIwzqDcn-wZlHmAMlau_gFkwNrwEBy1aC5LOMC20rOPek6D7YIqUJdVpoAu0MwR7g4UgiGA_H322X3ZrIuN4745-WLnGosRiBQVFBwX3gUr9r8pZz5XMaYHi-9pg1BkrFmOHQ0uKg1G5spHJG9hRhs33SJfyRJEywrTPnaL_yvB_qmgx7SKdAnMlrSbCPpPN7rV8A0URNthVCzwbxWlLFvwRZoODXTRHpDN86gfX0nokT-UQm45CSmP7UhXhW_jUeTf5gH0gaCcuDtOYguSj9WcojhO5u-pXGZNtc1T7FVW7I7XfXbjLDHSipImddcgoQMuDsxB_WD0quduc7q9TJ6kwgXNuu09aoXuwJWwZ2cLK8G32gMWpZN8KFesEGRhru-0yDKgWNJBc85G5EC83RVMsTWzLIV_-2s_8rQ-4LmHuNSd1is0naV4lKABypoWTDAvN7x-IBvt7Dyb8IEUMPsTRewSECbisqMWDro6gjrKNr1a0oTfRuztOPy8rlXF2vCXL5ey7Zkj4xlQ88Uo0ESZKT9bQ5NbxZjyaJeAF9uh0EYTOqBwwvp8k5n3VVxlOWm0UNGEYd35q-5Tqj1bb_zdqEWkkhLLlpMbCee-jPjww8SpQ4_zVrVSzTDX2Qflz2iqv6ir9PfDgrBTl-twzLmCg_xhPdRVAhNtHEQTAMYOapPnrQjxQ7FZ0cVwVQ5cAfqbctZS1RYoHxXi3UUcXVuEMMTu07hf5P9tynN8foPVQmYQP0PQRLlKWnUNcq5w81aVcxVyU38Np6Dg8HSxBUjgmujPgTZ8tWwwYf1NHnjYutDQ0S3eD_SsHxEae_-rPlExxSzCzFHjboH2DiGTzvePjBJ8vqmV8gff5NavQ3BxDzt2oTY1LLh_MHy7c1i88a9qGJ_SBZNNh_0uUBchUMYT9XD853CF9orFXMM4IxAoQ1ZlVQBlfKjGEG7vKiT3aofswagnSOKKSp3S8rt2NwPhPdKPObUy-jc8Hsjoe7HjnhwvGMK1OA3WVzSJWPk0oDHLgyyxHJDaED2GOzChisUt0fe6pV3wehsdFWsLSTjmQT3Ehpa5EdPjc__40MVJHm_WFdlJFdo00VdvxAE13yh8SA-ScgWWXQX3IP89tzM0JrmtNiuH3VDOuNlkJGradtoDDwl2RJbQnKRJcHQCt1LO-NyZYQ56d_jFy4UTm7MEwpfjMU453s6ndcbOuD7Fn30Gm4uENT-dOrOz0_xL_5gxin46W-JRqjeks_znvKK7CgvWT6dMQN8K1ZwYa2-9wosQWIXrW4T4l7k09KMLwJ-eRElhj2OleFE1PJ5FmkEJBd3NfhxLDzvI8uTJw_G-Mm2Vxyv4gVPHAKi2Pg6rlGtJVCheSuRxNPEXRJqrWOjfk5Tk0cm4j0iaExweUmFTTjtYSrjwKNGQUBftLqm2KK6J_E_dM8YmuDgjVHQqqB3X_IlDi2RHhbeNn1tivuUYJSm8tOfNT5gH1TKhCoNMxmSvbhYxN0K0nsx8rAY122-rpN3wyRTmC5mZCjzMEHwvthvMh7tMgJp0pUeBYA8fWfBb8hh4RVi-IbA6McUv8ncO81j12C0cConk1h3_rzgHoSZA2lEAkrKCzV6AMlf4ZDfHi-cNmLwKLKUAhCBCBd4XiEti2WxebBUq8CTCCDkM_iqS6BAIG_EnZCb1aoWnn3Lk53a02gjvKC5D4BszaxL_fuhPK2aGfuaoJFiNBBygEQdQcOPVuiKI2kf6uENG65PR3kcpu6f_CAu7b3W9rD17YB4gZ_Rw_f_TYCHp78mxTn84v6NnOivuZTE4jHVxi-K9zUKrI-1ezgmttJFDPinIz2X6sOLui05z35UK-te8Bma6kqPUmGeONMSMiXDNF3XNJFMBB38G8fNizQXi10megnpK0U3Zb2QFL6qyWxPRMw5zGQ21ds2KZQZgfnYQP6P9V8OmMkAIm5WVaX9kncSJTvUV4VCbZY54zctuJgUbJkBM5S5PhAi_ZIzYwdOqXuardBj4GInovTpu0uRZJ9EuBGyMRkwvLHRVMPWIuT7wAg6joxAkXqp4lUwa9vavulnqj_zhaCxolaYHMFn2JDjE9Korjcl0DnZ-WPkCV_YLmXmm7tSkPXopwQpOYrSgr8N070EmfErUfggUF-EGzfgEgdTbu-VyrHpW5DhQSzynVKopN1zDcL1vVNnz9B9VZEzuLTRrVc1GxUwrEFccCVbrzeg4b2PGIMcdvRh_m_ophIlaIFoYtGftVEE2gNZkuT9BSZfbyfFzuF_aTML07b51EeWSsD3WyVweYGAKpagFPxL0JyI_sYFK9dJRoa2ID2nhR8SIyDwOrsxZp-eyrIuOIeu4DMXJ9OX_LgY2EaJlZMXCcX4Q68VSxxsIvkem2BVSvPkg9Sy34LH88wgGwGMPnxR3iFLIvbB6oaA_B1D4W8pUTrklpO-cRaeAEyxrwxtltypHMLWATPK0Lwf0UHP6SsoyAe9z7IaVVrvOqodrgoI0m4UHyehB56eL44J_dN097LeBiSGcrK9gmiRONI4WTIRgwoeC9WHyOvTsDJ8LvuKq3gvjazwWVIlNY2bWfpPq7bmBvC9glsfr6cM2bzMSWZ1LmR3P36qjyE_paVTQ1vKMf68ubWDSX3mrPoAN6vAL-3FhkqY7bKJMtFPVVsNbGa-N0RQUHc_1umT9MygvuZYet92x1AzAf4aodfqEscHK6yryqiVupzAkIwbRZVR8xK2FZn6AC7TcZ0kcy2UYb1duHpB_qa-4UCwTCk8pUrDN8NS5Zaxlr2sgqZMpF1oXJYTqynONp-w6UbPn6sVSV7tSpSI0CGflrHXBfl-5VkZoL16usZy4eRxLG11600xNjuSYb1WQ0YJ6j5CrKozAqxsppm4QkLVffzzI7kxFNuB5cWs_ZMmTzimUwfu4m6nP41godTgYhTRqhjDReHORbU52tgmg&cid=CAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30adf3e12b9886a1aed3773323e48982f54cd0618cc13e2f8c7ed3163f4aa2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16185
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EE9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxMw2YILI-V2Og4fBjKbym2QzYioI4OI74nQk9e_OHpI_ZrW1QD1PUabPw8SgwjhDlGLi6L99CjbiEZCL_x2B9f8zePoQMtrRnZMte9_hTxT-2dZM
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 6EE9 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1077710669&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCtOC7OwxuYt_4KsqW9u8P_I-Y6APYqeDpadD9x8DBD_AuEAEg7_aQIWCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTuAU_Q27Em0paGL9gdEvMhUhtDTKdlfa3gUROYl5g5s8MwbTJkJYWUT_5NWTKB8IKNCTshf0FFcBr0G7b-ndZ2kt57__ZFAlim3AaFr-9419S21NHFo0uPPv-RSYohhS5z8ALeP3pfin8cLFXqVzMKSZ53uNjZ8pFf-v2rU4W14m6nhhIPhf-NVQmu6zWV7pH9H33jw63tvU8oDeZuxxfPjwaiBd7Zxy3pbl5-qduxAsnpUa_oA752ESm6Zyw79Naq37CY-a7cRtgePiyrYM46TrDVAnDFgH9r8NXC8DuA7qoOQW6QgeNrfb434N7xEBLABJzSkfH_A-AEA5AGAaAGTYAHi9esiwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8X_gw_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA%26sig%3DAOD64_3ADLkDY6TjdxOJJ9nXXaMz5OH3_A%26client%3Dca-pub-4627517680249670%26dbm_c%3DAKAmf-BH94AbipNbI8mg71GdkXqsJ_6j5T1wruKCwD3rxvYTI5LHqZobYcAR-uMa2JF-YqKFJOIQvFAbcRZVppP4Sx1QyrCNLUDFkUYsayvtRkjCU1Q3Ct2bFZDhxRcy2EJP224Spq1JyX0LFwQKeZYFN31Va1MEiA%26cry%3D1%26dbm_d%3DAKAmf-B4X-18wPpFkfPM4BEExsCmzMa4ugiAK4peNF4x39RLKYICzOCW0COoGwHKKJOcBQ0fJu_CldUBW_Kjj23rWV7A_2IFay9ysqO1Jvq7bZzjEk9v4Pgi9-ndCtWsiBdCDjvgK5F8UsB4UyEYKF1L5F-8eExVgYbb21Ezl43uDZYkKZuxg-qd1gAWWrIM1jTG_EbKqkVAjAw8nVhyZ2tnkOzPsB5Kx49SVm1KlWvcWuO7kchpg07QIwrv94g6sXoqoByOXWZHq3fUBIxobNbXkEfgaSgF6xz6dK-ysHRk8OSAdMyIb9cLDYsw8JGW_g__vyZ4MGYnlz-pAT3ZwJuIOLRfDLAuc9tZYOwETIIa2GQsGp2M2rTiW6yecOcKINlAxgY0P1qv3DspWBEhbolqoE_bs1tKvWaQgOcqwzG0_rpvDr9vhk_QehDp7TDFzcno74ReJRATTNurjt0PvdCP7rOVAWuP50p-IvlEsIx31XLODEEHIkVgzU-KNC9j5qxV7uapfHBgMSba8NdUcuNnTXCCrY0Lxo8IjLEV-8IaDGldni9vwKNn1Q4PGRp5Ppj_HppYRt9V_R_ceqnvaEJLhck2gnesAg%26adurl%3D&e=0&ord=1651379259703583&ifrm=-1&z=10000
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
307442763bca67c55bfb28750ffc8f9fda11490cd14cd3695d843fb5f6a9d8b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
7044
expires
Sun, 05-Jun-2005 22:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6EE9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EE9 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6EE9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
l
www.google.com/ads/measurement/ Frame 6EE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZFdEL0azDoMSU29omHaMiKpruj5XEjnEY-V0ic9yaHFXZvbDXDTD4gLln-Cnbct5Ah0Uvm9nI3L0kXa8eJNQ75GShZQ
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ Frame FAC3 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8b411acfdde1ff190ca897323d49b9121de73b66dbeb30bf22ef014f0644fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112581
x-xss-protection
0
server
cafe
etag
10433488140296296015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 May 2022 04:27:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ACA4 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FE6B 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C875z_g8nFFXADz5Knt2kB8NDTF_3j4LQB0f9BvzXNDBotDLvZ9YPAxrqyiUMhse313kL5qGysS5NxdvKDX6yeO2Qif_kE7vYX07vIESjCAL83N0voJrS5LFNf05akjImvpOEiiBCqRN7Zh3Ln2JXOzOBd_w&cry=1&dbm_d=AKAmf-Bm_HELOBBBc5nejZwTtcYvFlr3ROJ4M0MKAQJ2Ek7k3XetvlgvLXj3Vo1nGFvEGDhC4jM5lYMbOr52I50QBuIv_yiMg9Ti_X1bbIKsDPt7Ud9AU84-Ei4hzZ8-Setm_uAmqkPVNsyBMe4BtBCu4Lx7SGe3eKNov9eFkBn0psiYTnRAFeMNw3IPQlkdyhriwOR7iVPuH_Ke2Fupp8qof-A6ed28KrKFFT7AMhov0z6W184j1sSU5JlINa53LtyeMEJFASfHgLzJ1wRMFXKuQk_2CnBkhl4f0hZVt-X3WRYUfItjOC70ntP3JIj7yd1wW4mP_X8ggWzbKWuT-C554VDoK415beZG3vOn1HaOECpqlafPqWmdJMQPg8CitxWh_HiPsuOKTGnilHRwyz2qWRMdMdJIjzRbILktli9VyBlTBPKqe0AYnC8BnKiD976w5qF1Yuf5HGmKQ64ddxk204XqGZB7HL6hhkhSOZdTB4JcxelP3KfrDddJT19gcccsH2-WxfPYINwJQjb8U4FjgQWmCtFFwfTWo3xkNMaaDUlmqutk_hnREtkD98GoX1a9c_-87Evj9TwbesKQSVOLPXBIPdKfRN8hgwozKWH9Hphbu4uzAp68MwGGrPYczIYV9GF05vdSmo_VaqhxXf9OBPh8uA570WPT-wRkydWGrTY4hUCCbHG6XdZQrwDeMdD-3ZW2TDBOPdpYORNTkwYyOFa3vVqKY4nbZ1aenPAUmEd3zfJrrlA-6pdRiMRgnkANBD10Ay6tIpkzQuLSAVQBjvn5rRpgHkzSmLAZ5M2lG1YujF1VubYjGT72Ibs-DEdxdmmeUd1IIhSvDPr-vXgGMowdtMBsEeIC8op04TnpQCw-zGygjAnqm5fgfvLIC2f3zMQP8-H4MV8iAjZqKCb1a4pH9ZSalNgyQ7-FIqOWe1MPMc780rmJabjqG218Fx9T_eAV0mvZHE5d7bfdT-LflXCiXQMyTPuqg0yIpGyPWUEDtxP5PvHvVBqaWFzKbprVmLpdwKTdG2OI7PoQv_jmmSmjdaLBOwJ4LKhV-sb22CbdewiZwp4TvFHTxNwvhgYVQPonluutcC9M6bl-5UXUD4e4UWEp0NiLs5Bo532edxIe3OXcoemqvKXc3CzzDJop92AW9OCsC7dGe9lObSAm9kMe_HIlTM_xlBzFXy5xBnE_brRfm8ljWw2bQv9kHm3w6CdIbC-bk8HGYwRxO99IBvH7hA1l_K829l_Byl90acIwax-rsR6c0NXH7_M3mou3M2siSwLqbhkg8v_PNwmItC_bNtsFX_yQJeP-pUS_LjQ1o_HNaIrbgxFmhFw_9sbAp0O-qUK8k6ljzC-55nJOSQy9LeAEb93JztJ3EvdAk4ZtLSrLBM_hw1SSdNVx-u7UT6F3gfFn-E8IeuZDbF-XyJqjEiyOxMZpB9k_tSFiYGNvG0Icm1rWN4F6HVFmz6Bcpdc6RZr_LcUzz6K-lYArDgYFf4v74ZSiBXPNPTRAz-1KrDtA6k_GHLT7sxLiyhdEO2ZaT9DcGReachg5oG9e-cOxtFzsaCfvztnjRwYLoRh8GYxAM5O24CcLFyGBac2OO6sXVy8GYR8BvlAKXP9cXWMhNczi62C6UlZPhHTChvxtR-63jZOn7Jm1qayI5DTVAWJTIvxz9BTbsIzLKeTWx4N2QTqLCWEP4MBKxIK-4F3Yhcyo5WEXwngCNjiN1TEHXKBTktgmGs9kbJlP1hMY-ZEY9ZSsknPW1O-Cr8AJYkqiq5TUNPpPEA4eKcNi-xwihM4vcGvwSkghtGthMwubiaNnaenSmwyDcUzFYXOyU9FS4w3S44hiO8auSu1Q-qJ55p_fnSwks3DniCTWMMf6a3n_fxhGPiDeVbd1r8HzY_ybpDiBZGSxJ9SSTIP4OeCRTCMggL3RVjgZktzkNxnHxumbXeGqcQfIbRaIwP6Jp0peH2J86wyHGGTYPodQC3w6O8lm1ibwJHLvAqi7suZAyGS80pX0f2IrMmYgh39fgLWaTVk9Zyo44aX298xBOfI0PQrs7ep2jeqTxsDNRrG-K70AvDiIJkztlV-ywphNrkeRVdIPzgYxGVNbLDAoWcdcU4H3yYyX2Ol8mfH1HOsOk7gmad9rvVVlvoASYu8Jh0HUqL9lIfQ4jRwraJCiOrnYKKBkKSNkWEFMEgeczPWQkgcNwuTVmhx0gKawfIPt-B6K97H4lYH17tqzZeiRa8sS58dpOedUfYh_7W9UROfLPXRS8fvf821IcQLQD6VkhDRfD7sIIJThzBrSvaPAJ11R0nf6nhai4kjJuaiOkYu6MsJ0faoW9E02pubFaQHAKcAgGQyqUrbadiYT4BNfF5KfBrdvt9OQidEvrEHBwXtVz1lGE5kzRdA4zlwqgryXgRc0zYohXV6oGBJDNYb0__Fvj6pY3IUzmQLWsxb1emzyNPfmD45tERCxLpQPyjqUsutRueTcly0cq2fanj8tyOZOjP1g_lDO2NoL9ufhMs1Rgeo6nrrtBYS29xoVGuzRwg6E0BWiArgLfA3mUUaaNOrjD_o-QXP29VB4qGtZuhsbkxfA5JacbwGzNsblHJpOlHb7Ir1izkI7C2FsX9OZCbK15waSf7lOrJR8nAwD0Rp6yUlZ4BizC9SYTMsanqwNAZQ8yxqijh5ipYCZComuRnmSII9g_xfooNaIX_H7AKuWmle9u5iD53QQthGNDmR64Q4f0i-7mTOex0FMGmWR7Rxwwh5O5zxPJkK4EbfkDQV85TVM7v-1UiY8eYsR4Qo_6QZyikW9qGEd_VbxP-YwbeApxJFnhYrhm14pIDGltUcpQkxlcT2i-m63l10xXuQEdG8qteOPKcIrMSlsJcN26mDJJAqDimVIFH4F-Qxo66hZS6Cnx2z-6bFnNkIe_yM5DzV6_POOQtKAWy47Lm01Cy9yqklRfQhHn57KrbrdH9O3JPGDHYegBPzXZWKeXPCuWAx21_fUs8hEf8n5Ya4_DNnE6PFj2pHyBRKoolhvv2U9NwXm8ocdPjDyKe6_nN0IzijTMq2oEVXm6xju04QuaEHR8mQEfrRa3zGDUvBOqf-8ZnX21pOSIP5gtsElQDKgOldyG1zlwKQFk2JXBN049g6mc407Ej_vMFsRpkavBt3QC7oQwDsBFpJsrRza_k2WHVSkvnmNbpfFjLqgFqgcxCCag3B4Hl8hau0_fxE_1CzSTTpyqwqV0pbNVIpDoleRJpf3DRHXJkXMtfKF9IuClVTyVOrgnT8g1jOSOSW4AOiMYJ-kwiDD9aBTgd0DM2n_MEIrTCzxTF0267zXsS69ntMUpnElzlTy_cZxAy9ekUidJujdNG9XY_iw5GGhX1-QaBBIwoknq_DjYXxU1mDRJdxgQ7msx3SIgJFTk09wpxebUCs0HhujOQ&cid=CAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8bb950072664926ad5a69f5596625e161ce11cd91ab3b40738d899f62f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16165
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE6B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGispRltAJuImIXTd0Kg4ZzgqoV8ounaDCsHeFkTG0oaJYMbw4V8K7gvLBvAPQPNUWkFyiP-01znx6cilJb_-qSEF31gpjgxHYr-zDcD6ffOCLpbM
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame FE6B 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1077710669&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC5Lj_OwxuYuv5KsqW9u8P_I-Y6APYqeDpadD9x8DBD_AuEAEg7_aQIWCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTuAU_Qb-2Qm9_HHevsV1vATlao39JkJme3oBFOLdmEtjaH1D2ZQO-pHxdSx-10R4tnnZnXXucy5OXR_oYXW0lLSfHJkH7vmgDJ6riJAZtuQxo3U0nAg_TXx_ln6Ad40BkXtQv2lhKilW3LcQyZLyaAC9Qgsmd14ENvLTMCgeCSsdS4_biQZunT0LKGY98S6b8fPcMDlFvbpyGEd-Cywre7KMyRQ5RaDn7cIvT4_01MtDriKu8H2piWhIOTm0uYN46cCX152ico8PmMCh62Yz-t52UAqkEYbVaHZKqExhGzUxjAi4t0pgggSvknMYqi29jABJzSkfH_A-AEA5AGAaAGTYAHi9esiwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8X_gw_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA%26sig%3DAOD64_3kuqUZHOxRMuERxcU-f4P8-ser5Q%26client%3Dca-pub-4627517680249670%26dbm_c%3DAKAmf-Dxui5YlSaA1aBmBOTHOjis-liYBr3OmRDEBM0KZCvqvKXfIB03Ww_wVwML_nCv4GqUZHPxIvszJhpTAaS0XLPFybFqBwClh41wbkkzs8YDKanoyxSYO26VKywkzely-kI7MdrSrRGcnMZShmoULEL4f5p04Q%26cry%3D1%26dbm_d%3DAKAmf-AxBucyAu38l5-cU_0okD7wKbq0w88mAiiDBxmOkyu8C2iEHrzrnWyhPwBA095WIrCXbB1oD4qE_fB6hmqw8C1G_DmlFTh8R-u9yENSz_q_l_FnJPlm3wzce58DbNrMlR8zv8sL_mknsaYhiRV2plZbNtpUx3P1jY68ci7-2OrVlC9XqVtNa2zECE3TQNA4I94EFAllcRWUccj6PGF18WwFm38d1GYoZf11oRXzp4zN8IZ1xQlhlPfTq__c3IoYoTBgNqNZC7W1b9DPbLMEc88nH3naP8yFzKS28Z9Gl7GE3ndZDoZSUl8r2rnaVgV4Sdszzjof0c5ScO9nMaig-gUHiYF_-nofzjY2_wV2EMkDF5EOGPOLBJp2k0JX5mTzFZeHQptLm2zULhcY0Ya1vFRWKXgEK2TOzCPP8ABCDDfXyOkuV8z29iAUDHppgMkLdbPSIX82mNzaC9AgAwODmubefXxK0mCYao_c31VtGuZQnXkxBK2eDRnYBr6FOeTuT11BIDdo88TOiB4gWf3OICKDn-ax78BCUYG1yTu2JEoK4OJMS4DMQhiFkhAeN72gvrOjQ38Ra4I6cU_xiznKDHpHsLJ1qg%26adurl%3D&e=0&ord=1651379259703723&ifrm=-1&z=10000
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f0e8a5ff67d1afaad9ab1987a7d60448731b9671aca2886e67e8e806eb8dbbb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
7040
expires
Sun, 05-Jun-2005 22:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame FE6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE6B 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame FE6B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
l
www.google.com/ads/measurement/ Frame FE6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg6Tk1X_2A4wDtad4BrFHTPIvibxEzXkOpgkD5DtihkNQd1pnH1K_MTlPKB0O71lJry5vaSzHU9bIBhMAh7frothAskA
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame C27B 		500 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYkq-jyAEwAQ&v=APEucNX0Yqhq8tFu-tvL2__V_rJQFUaczDwLir4JP2Y_F-0rBcdI_5H8tuUYPXctmG4_Tq6oNwz--G3OPGU6Todsnt6teu9wQQzz6GCQ5ELe0zZsiNaF37X20ITkeO6lgr6wD1LImXyfUXWP6SSFal0FfRV7Ov8Di7WgR6IY7wC6drlokN-IHAo
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
299
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8834 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALo_q1t48E0nFGGhxLp05OGQZfCi5s9ln1Sm30DQma0AJjI5W3SC0EV8v803Z_zpgdc55dw0q8OuNYC458SxflAxHu4QmQsgF_w_8j6aDpt28hReGKSkJgmdSPgFYaikKaIDTzmrbHZNTDZ4d1139p4TCmKA&dbm_d=AKAmf-AhExjrW7D_FbSruAVgaQ_NaFzfFoF7pPjUtVuxfsEMlM6Z2ZKavXsIGV9MWRJc4GDTMBoYdq2FE9qgCjF5sJxz1T2k18x4RRAJNnwEG6AxAJbQWvqMyUgFQUmmmuW6AkwrYByBnEOqTA8wB1PYduWpjFeVBBIzllRjzIk0iCuQO8msYgC2FgLC3pGyjWhvzTnpjSn5wtuDkt476PXhueGKDYq81J_byMoSKgNV8dMvvH2Y6vhxewS7LmzTafZMVQBYdxlKITSwMrZblrFMo7p07qBo4gtLhhvp6y_fpXUBHXov3TPdBedSjI0ZlPUjIz4xsPcD0RpMtrwArK0nXnXGyyvnzf1kExZjOK9G2B7vgg6-4y5G1qOxAK_341rKZ4NnCXTBkZ1HT-CUzEPlxd7A8rF61VvYYvV_i8CHKZWb93GdhYxoywZTk1-Xdb_X962YTwIX3zgWbKoZpryI6-mw6EyzYsolsnRdZN5AUVe8mPQc694-TczXEeoeAI7qq6GI2FQZMYK8ByTv64dcrryLLVGy5s3K8ImF9nyC50l9Ssvv9QGvj5PYw2mQtEFf4r0nvvPM0HHNkof4aptPMfVsnIC7VZPKqJQboN-H8LtaboZkDT006ShcoRNHXj8JUC-AMMmnxquo7ecijSUlTaNhySH3rSaHyLlYWsAn1JdgftwDOz7vNpxcVZOOihbr6yCFjWR4iYaVm8mbjMBpiAD2Ab6AmhGVNdaB7SwLGNmVdxlx8jzVxN9TuJnMy4-Ku3n7xLPmvDgVnwTyqr7skdZMn3yiKx5QhIIfi4yzoNJto_bJPO6cq81EXUdd6FsA3lce4gTFSVEIIp_wFbzH0Q51vdqKmyIuvGf16BXSH2MHaERNxrhQKAQyJSX6R6tAVbt4UZBx-24X0PldE3sxZJeDrLC_g-xfkJS3rG6wVoAKJeeRakfTlKI-q-71zcq0eloJj3YPLxgtoYD-Zyt_C7CxqL1Jf53LLAaw5V2r8-qVbdEZDSv2h35iRqkSZTaVUIxheJdz6cCx51M1mQfgNOe7gzMTBH9S7i7arXIqvf68RUsB_qiU8D28nZ37x8r35Ju9-0n740fp1PS8BxCTtwzcx3a6gKYdkr36tD08JMKVRK4psnEKGUtMRupf9jabAIRDQ8JSanizz_oW_ErRHYKDqcHoboT6e9bUfgG96pU_BwB7SNh3a9aLYrOp63O6rWXDii1c4H1jejZ0g2IcbX6Y327NnPeelg7BswToqshS_wbvpRyq1o3Ezuqq_YY3dqsXmtTBxc_4TLluBsd-k6pSA7gGiIf0FQ7l8Ukq3-_JsvVpPAujEYjHIw_GXZZWtoZVLFGS7xElUp7CQcR6w-8bvJyFRB_aT6DsIPriUFBmFVNQI8QlyfKOPmePap5BmQC8vG04cT4-8ZZq-E-pgh7oCt0Ov4xmrmS3xyChdy7H_oHkktn3YEVGgV-CPJGONsA6tz7W3mFrZqxSA4Mtcuh-MF1oHBQWd6ImuNJ3oRvfdMfjmWyF1MSYNR0V1ySEcrVGmGOXu3JZhA_wR_5RugV7r3W46neDFih9RluqmXwCakvfn2jo6YTOxz6l9Po9oWcLhc5i3dXGEDVbp8xkWoXqvLFKkEZubJICCyoLguaDqViTv7AFCgLSzdgUEXMHL1Lm99ahwkHn6EkJ6Xuqfiul35V91iz_kakO7Bmld0RBx-3Mh44iAONM8WSGy0d4H_YbHBahXZFJFdSS-ta3NspAlzQOywPXDSd1WGz3Ks6NoYIBiUSopAyFQSPB71dU7n3mde_cGl31lA7KpDgFt-MUhxRKov7anyE52MmJjQpX3kRX7lzKRX5w6q4Yvj4q5ctIokN78KcXhOyozZhhmgowFQSD51gwXnl_5_0xjRPoVOTlE-YYOMEp3lUoY1T8vZq4us0d9o2j6wqqiJHEBcTkTp2-jRiSZHDeW40qm11Cqx1EEA-JrLN71MZzz5KYOH0UiTR1WyJbiEI34xbRdG7PuYq6pWHkZNDkvw8FfbxFqu06zVeadSO080ufg8dCdutEU2P6vxoscB6wnM6Ie6LD6n1TXyqvndPhMw5c643Hm19xtoHs64-8R8twG1GtSVAqPs8z_YKtm0eFgJ1aJcZVcXN7YyPvZ0VFbb-JukEumLHavZeqaoTNhCPAk1J1Jiw4b-OOFWbPvJ92-bbbeuyVzygYbuCw_5vPnvusYcLLeuWMIfBumG9L777y3jHbu0puNs8kNYBNpvxqa9T2LHSR0pqSFmRKdCeLjZcXkN1kYkS7oTDIC4HTTL4yq58xNmatEEArD3YYr-bGC9jwBcJC-j5tJQo0gAhh1cGJTu0Z3YDu_bPMEmi3JMb_NNmNicI4tNdFZ3Xtf3lbV6CS7UtPvE_933MraptG3etBQrv_zzj9cJNN8Dk9iA7isrDlnZtqNWG-c7JGSCgyUULo_UnN0R8QDomGxXi1AF_BDi_8umAhHiFI7bkRWk5sLEL7cd4o2v0IRUW9wdNWFN-WTJTtGA-iVpJ4Q_ez-4311JcnEWsQl2nz9ab5Htekc-WHu-WhV_Sh3NYA8xkPLt5oxHEi6NOS05gqFhTUCIK68SNpGkTL6DsVtkZauyHmzEEVXrL_1f-6ULlvsVC6YsN1aupJPNYMOUkcKEa2QDw8bG--EyobWrJ4CF3JdmtzyDBSkYILvTJaTwtsy65oTqiNN2eTGd2FnzHEp1m6lhdAJGXygY_T0U442Zk-swS4EjpsM0COVy5Pvzl44k3DVEu4nT4jE8WOlox-SoOCOQI7BO2DDnqqrQjW7t4bA9EncMVsjbuXbERnWe_u1J9yqNs0sFGQum_xR-q_MpQkATJ7CL419nJE-o89E2YsNkQ_oA6xcEtWxkE2yarN6ClhLtatHviZ75FJVWW_ExZsu5KSD32CNFSvXRMl2kKpgZSKf2JCVe0Ed9cJjqLJvgq1RriUxtMSrhMPtPIXQQqi2kpcXcteHzpndXlfTbzR3FgTkh9AyIX9ALZE9_XjKctssBIwWn4f3E4YQXRXp2L2kfmPqBLSOukHpk_Tpl1KpjRv05TnTF--2xT5hpn9nOxeGecKVcHF8t8_-IhQ4jmnOeoVaf-Vo0P6hkYbDQmXb0tV5s4pXEg1GulFtIJGOoVxdrow9un888Gi1u948HFB3Ix0-TtiV_yOWB8C50VvH9CnY59kvbeBrg-eyaTOUKVs7CN57etQYhWgZbORyBHkYTcA_YtgN_1sRggwJztTIQcwW5G1YHwRHks5WOGxP1lpaXNcG97fFRu5shzq2GNqbzbmLhtWZK8Y46f-E7gR1Jj9QN2oTl2Wt60IztjmLLi88Lvls3Wck5-75w&cid=CAASJ-Ro48sbjayIx01IJhWFKcIDie39fh73JlzTgwC-T9dvW2946zSLfg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4be90111615f586210f97158ff737e77f0dc23ad27b728369e56ac8fa309c07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32851
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8834 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGNRDzJTQZyx8FVHk06B8oTk4cE3buRtonpiQtJxe8Xc1K4ACF-Ks6lkhRx334ISUFaDYLqXB-DV1Lx6do3PKgFEKGz4Po2WIxPHM7ydniJa6utLc
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 8834 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8834 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 8834 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
l
www.google.com/ads/measurement/ Frame 8834 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk1swp-_4TtH6N2V9dZQKYd5yM5zSc_dAJAEJtQVzR0FwWHahpae2EVzLuDQo6OTe2JMkurpnsGiYc5sbJfISlzZomww
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
truncated
/ Frame 9346 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7be9de4d6cddb068e22e45af64ba0d63ecc4589e130104bdd755e735bcc09

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3017 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b00cb761b0ae571d73c011c8fbc4c05da055990969971a9b81ae5e4d1a3c7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
player.js
player.selectmedia.asia/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/player.js
Requested by
Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e5d98f91f8e7be1e8fd176b3d85a0fdab01571c60d031652ad3151085b9eb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:40 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdu-7_TbJMOBGUmKXistNBXufBPR2Y669kawBxU-DPr6cGdBjFymvlQR4eZDSZLj3vtIOxvm3GvDBZ2XYBJfinsaXaB7o0m5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
9622
Last-Modified
Sat, 30 Apr 2022 11:07:10 GMT
Server
UploadServer
ETag
"2ca75fa4d366ca465fc774121ed3386a"
Vary
Accept-Encoding
x-goog-hash
crc32c=RayWOg==, md5=LKdfpNNmykZfx3QSHtM4ag==
x-goog-generation
1651316830744888
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
9622
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sun, 01 May 2022 04:32:40 GMT
track
track1.aniview.com/ Frame 3017 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&cb=1651379260398&r=www.123greetings.com&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&e=playerLoaded
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame FAC3 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eac60c83362750a3101e15416c9d9c5f08c1478f191be790244f30b57d969820

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
abc.txt
static.avantisvideo.com/data/ Frame 9346 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f22e32e7a787b8ec71c6c83d3858722dac9d20886df80f85e6fd00671fe6f4eb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Apr 2022 08:05:12 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 08:03:57 GMT
server
AmazonS3
age
73349
etag
W/"31fe141b1ffc11e4ad14ea37198fef00"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
B4fTovVYUcoFkit_G9gHnos_jFxDGZjkoUyZzt44S4OL0xvtnH0fBw==
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame 9346 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f22e32e7a787b8ec71c6c83d3858722dac9d20886df80f85e6fd00671fe6f4eb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Apr 2022 08:05:12 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 08:03:57 GMT
server
AmazonS3
age
73349
etag
W/"31fe141b1ffc11e4ad14ea37198fef00"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
YqHEqKcb7t6FEw-UxQl6ac9LqQ5GYS0ztM0u-cce7ymP2bMno8FOBA==
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379260394&oz_l=33&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:40 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rum
dsum-sec.casalemedia.com/ Frame D924
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:40 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 01 May 2022 04:27:40 GMT
rum
dsum-sec.casalemedia.com/ Frame D924
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym4MPFKT-l8EbcsviYHnjgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC24kOHUZhPHWb4f5eNm430&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D924
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAaR-qwl2IEJ0lZlAHhFgd4&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaR-qwl2IEJ0lZlAHhFgd4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:40 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dcb91c39-e3ef-4622-a160-95ee146bdf17
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaR-qwl2IEJ0lZlAHhFgd4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D924
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU0NjAzNzI4NDYwMDU1MTgyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU0NjAzNzI4NDYwMDU1MTgyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNUYdll1uDILnsDhAdlmYuLEEx0-w3Fms7T9yaLCmeO9_GXoNBtIy5tQEn6cDIHZ8rOUSP8TCqlTgksnqc6OfGZvpowM8zPG0JKZlR9JJOfD-lfR99r27_mTDHjYLqspf4mMELyskh1wwiN46psL9AEXSNXoWa5oH27CULFczKc6ShRqIvg
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:40 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
733c9764-3d1b-4e58-8ffc-598ed63ee1a5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU0NjAzNzI4NDYwMDU1MTgyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_Is-5fo0W54VKq2gtvq34&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_Is-5fo0W54VKq2gtvq34&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_Is-5fo0W54VKq2gtvq34&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0A18 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 0A18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBaTKLy-3IYGw0acNaZSTzU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBaTKLy-3IYGw0acNaZSTzU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 01 May 2022 04:27:40 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBaTKLy-3IYGw0acNaZSTzU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0A18 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNXhBiL_xB3GtSzGa6VKigphlNwofq_dwEFnBP7cZaPllNg2V52nNB6vC5H4BCGamSeAcnlH6eXxWGgL4BNwPiulVWDIXrTyHWtpqE8bv_gY2Pzm50lqbsN9oOBJYlD3-TyaeUOZXh3MDYktdsRmF7zyqlgcHKrE-2ltgl6iNwFpTr_20zw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 01 May 2022 04:27:40 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 10F3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9346 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv35vNb1XBenuchlnyhK562EkNfEhRG-F2eZRLfQPTmglCqodlA6pKqtbMYsccrIzAw4Ak2DGjcCUjVAixsSGp8KloOgcLEV2WLPRCm7EewNRFHZFoJBuyeqh9hcMOQdRehfV1r7eWYf-5wUebw5hax-Ru8tXs-hzoanLlIfNjdnwQZydFMPE_Pk3ezucHdvYJGKC5zn8wxXzxUb4ubQEM_QY2Fezt_1HEPDW2Nm-Zo2t5SP8e7YuYyfnaXU12n9MHiStw3c_eWWbKbp1Dg4nBqxwKdaOvDNaSGSa-XcnhPrQNVhQmcfTczWQLQ0qH8GEp87GWz9cbwK203bySugc2ZhZDcTvyGh5wk10&sai=AMfl-YR-4qL0gnEd90xlKkrVHb07vDKbpcdYDUHhCE7aHTGXPTyLh1KVWgD9naQ1jUu5iR4Xmq3FEizZBccUPORVNltja6BaZk_VoR8e6akB08U0vt7N66tAy_BFaSwUCsg&sig=Cg0ArKJSzN0_5QksVoZYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:40 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1818
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
u_d.html
cdn1.avantisvideo.com/connect/ Frame 9A50 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29772
content-encoding
gzip
content-type
text/html
date
Sat, 30 Apr 2022 20:11:29 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-id
nyVr7IpzUKMS8N9lbiyaUwASeHK1venyGRPkEsHgRzIPQPgb9_FnQg==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
partner
sync.search.spotxchange.com/ Frame ACA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1&__user_check__=1&sync_id=09ae277d-c907-11ec-8adc-19bfd3920306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1&__user_check__=1&sync_id=09ae277d-c907-11ec-8adc-19bfd3920306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
138
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 01 May 2022 04:27:40 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEIBczOSMT_82nV-_wCV0NIc&google_cver=1&__user_check__=1&sync_id=09ae277d-c907-11ec-8adc-19bfd3920306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame ACA4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDlhZTI3NDAtYzkwNy0xMWVjLThhZGMtMTliZmQzOTIwMzA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDlhZTI3NDAtYzkwNy0xMWVjLThhZGMtMTliZmQzOTIwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 01 May 2022 04:27:40 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDlhZTI3NDAtYzkwNy0xMWVjLThhZGMtMTliZmQzOTIwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
141
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame ACA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJzP8nPt8xrnaFJ0n-rnoD0&_origin=1&google_cver=1&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc
date
Sun, 01 May 2022 04:27:40 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame ACA4
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP09aa6aec-c907-11ec-bd34-02087eb080fc
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwOWFhNmFlYy1jOTA3LTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwOWFhNmFlYy1jOTA3LTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQrOLUjQMYra6-xAEwAQ&v=APEucNUzsWs_t4iG1duRE67MlggonFusEs-UXM1gI1LOaAV9qRpgx---qs2cNCRr0U-jPxUg1pT_ezzjYS7y9oJxhy8HMJrFLKzK9J_EFRkwBelB5Ps9VwDe2BQiFyvQK-PuwzMMT1shq1NNtundfOkYbY0D_oqXHTsT9efsq_yVwUf6ybii9OM
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwOWFhNmFlYy1jOTA3LTExZWMtYmQzNC0wMjA4N2ViMDgwZmM%3D
date
Sun, 01 May 2022 04:27:40 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C27B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12ZXlsa0FSRTJ1RThqRHhVYk9KUDdWdUw2b0JsZGphRH5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12ZXlsa0FSRTJ1RThqRHhVYk9KUDdWdUw2b0JsZGphRH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYkq-jyAEwAQ&v=APEucNX0Yqhq8tFu-tvL2__V_rJQFUaczDwLir4JP2Y_F-0rBcdI_5H8tuUYPXctmG4_Tq6oNwz--G3OPGU6Todsnt6teu9wQQzz6GCQ5ELe0zZsiNaF37X20ITkeO6lgr6wD1LImXyfUXWP6SSFal0FfRV7Ov8Di7WgR6IY7wC6drlokN-IHAo
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12ZXlsa0FSRTJ1RThqRHhVYk9KUDdWdUw2b0JsZGphRH5B
date
Sun, 01 May 2022 04:27:40 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
rtb-csync.smartadserver.com/redir/ Frame C27B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDQrleK24Ern11Gnpsc6Nbw&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDQrleK24Ern11Gnpsc6Nbw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYkq-jyAEwAQ&v=APEucNX0Yqhq8tFu-tvL2__V_rJQFUaczDwLir4JP2Y_F-0rBcdI_5H8tuUYPXctmG4_Tq6oNwz--G3OPGU6Todsnt6teu9wQQzz6GCQ5ELe0zZsiNaF37X20ITkeO6lgr6wD1LImXyfUXWP6SSFal0FfRV7Ov8Di7WgR6IY7wC6drlokN-IHAo
Protocol
HTTP/1.1
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDQrleK24Ern11Gnpsc6Nbw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C27B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYkq-jyAEwAQ&v=APEucNX0Yqhq8tFu-tvL2__V_rJQFUaczDwLir4JP2Y_F-0rBcdI_5H8tuUYPXctmG4_Tq6oNwz--G3OPGU6Todsnt6teu9wQQzz6GCQ5ELe0zZsiNaF37X20ITkeO6lgr6wD1LImXyfUXWP6SSFal0FfRV7Ov8Di7WgR6IY7wC6drlokN-IHAo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
transfer-encoding
chunked
content-type
image/gif
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9F6B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 16:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 16:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 9F6B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5wkPhbTiTWnOopemgtoN8GfVQkVh_cH-djJTvucVku8-7P305lUtU9PpQJ6YB7C8jvZP-tpHGmukKwS2d19Q2GFSf8vao7bE1UDkli69sH0YRBPej5EJaTufnAP_FH_hIMZpPVs8W_2sn6BtSwXFapZlXzQ&dbm_d=AKAmf-AT8H5zk5qP2REJvdlofZRLFdIMg3y3sTnN1rLXuU-VJ6taWafAlYthgSS48Hdq2iDxoMw0pXhXoPct4Bz4YBbiyoBBAldUeH-F-1oSTA3D6iCVoaFKpDnFTkolYFBPuZzlMvoqJHqaDUxRqHHJeOPlO7457Tht0ugJ4fGM_73rlLMERE9hg0GV2NJeNGzwKhIS6bXYnNpcjGUrFMe2tGgqwh2JU5Jni67JBjuHNKPcQStvfKJdukiyt8x5SFdM0lcMs0TcZYHxI92mcF6Nbz2YdrYwdxPn3ACGoVWlfnx3a9olltpJl0rIKl9yTlPCwgRStjGdKQa59dVQikqkNHzlfzJmgzl1NoP5kO0BG0CgFTbjYZYj7V55Ljjr7HrV_wztbhVNi9pZZAx7s4FBRBwUzP7jvAVgAp0Oz7z695LrecaTAHuf6TMSfs1uQpjeRA4ZkjlTRZB9DmGYDixKi0w0x7bsEZVcYU-ZDoqtZFolnvdg-VfOqe27Ss0QSp9Zs36z4j7SYlQ12r-qjhmquygbi6XSn0oJKNVkdyA-S8xnN1r6jZzGh29oFmBr8AczrbM1DK3vpXKGsRSB6hDdYKf_AfQ1eOCt6rqc1xSUZAU_fgU4x4S8xDFZ0LsxGnHVoKxmbEOrcTe_LRh9tXq-SxWxS_DHN0i-yM2OuVKuY292nKo2eUnZiutOKg9zAefsGZWig4s8-bySjWo5nsd2Uaengvt3ubqCK0selMSpsezszttB3deIl5O_1fJObiZeaysoEZ5xW-aopYbnQNH7_-N_1boz8pKusCqnYUObIS894aHQaMwFv4iByI06Q83OK1xk1BtbySLP6QszgcUZ2kEgUAHs0tYv2IHF3EcmardoJT0kpx8Q8Pzdk-RH2ij5lKCJNkWZvT_MvngHhRrhECtxvJeDsX90fxdpWGldPh496S4mhUNsvEQ-qwvebx_R5roBkOGfIAvijgOWMsk8NfqpLqcTOOGxNRSpJT6np90e4TwNG9KN1y4mR8mEdrYtlih4OXTDUvPD4ryNuKe7QvhDmRrTD5GEptuVTAp8cwXjYIIc2KlB2dvhXVUIuWZfPJrHmyEuFCH_1w8l4cDWt-QXZndEWYz96GlWoYNOjQLSK9g8xfRJABMVxECOkp5KSk4VmNcGnZHmf52gI-PHJuJrjPN3h_u_2x5jGE5h0pn1bScZmt7qq-I4v4BRF4bUKzdJijHqQuWI-zE_iqBnK0a5SvO6mW-dpzxmxaLLfqDW_xT_Aa6CEx61VN-PzZB0kY5AzUqRK92L6OavjyqD3Fya2yez2-cZbNCmtHidk_skeD-U1ZKLUZiARGX8M-s4xVvb0XyXHttvGflDEOzWCA8YenU8p1QE35dZEl1bv2HNB5uI8ov8tY68t_mYG0dVq8eY9OiFI314GXNdBw4ewklyCdqn9vdh_jyyA6ESkw2YpdnPTgmUXN_X74Iwi9W_YYUYiM6ps7qTudr7F9BDJRlkARwpBUGh1ipugqSZu4dq99D2uQEfCTGaWH3UeKjO2gbrYL1fbN6iz09nM9rt-V672ErMeVxfXR636395D8ZZYLjr-gPX8F-Hbw7tPDBMnOGhTRdCbdcLZzSZeczK6pXrgTUgKcjldd4pMZmOrDxe_jEPs8TC5Bwibn3j_B7bLCHmYBuJ8F5hgiL9QUmz-W7B0xDVc3uIL81anJ7J5nQ7oNztXLvIdUliN-FGcnSItgULVxEV-7EWBVjS4s0o29m_QEwGOEl0ZOmVQ-fOG7cqTnzZjAMX2IJD_AwYOXpIvbF-G1rXFeo1IcF90KfRYNFSgvkFfRp6cdK4bGlaNm0yeR2vqFsjIvsOx8VYDhbt9UBSdQBd3fAd8ulQYpDbd5MeuXJj_jycRB_4t781h7MBigcjcdo-WnLXxKha11NSqtyETyahdKbtNc923olXqBbAlS38O9Tcza0VBhZA0gQjHcm0Y4xiTiFZHqovQntsTDiN4uZt1RouDudh63jFzsvGafDpuV3tgTw-41mzMJrE2rkGDM6PRNUvzV--i5rUeKcLct4hL7GXRgHSBNHNpf-oI8FTxDevSluo9qNQzLXnt1jDnIx82uH1TXjlmPv6-GRz4Gxhj9KQSitSFhDB9OzZc8oVYfCGLREpQsQhmeaDyf7EZWnNX_ubaq4WvYEGy47eGsrJvk1GPjnq_PTLCQ8Nt9dPtLQwEvOWJml8RQ2xHHJ_Un5FumfxTJ96UA2Y61fYs84T7alplKgutPwXXuNvUW6O1Utdy-BptIY0efkyZsq6s-xThlzUEo8Zh2Iqo4InZNNANwIH5aff4HQtomkNDs4rwRFH3IYAY-bxQZOZHCxHt4x_MkQJ_j4oFVk2FiuQguUww6s1tELMPZ9pQTX7vqb4yJpMlsgoygfsAIIVKV-h89SnNKWyP8VQfKHYgunyjPPJ5ugmxmY6jYJ1YrbB_MkitONwmLFw4V_qFCFdc08dLQiWeMlgu5t7McRVlmFUsS_gz5JQyp0y9GddVtp-JX7ENVAdCL8sFxoN4hEzC60gCczQm8bQ0kmrPhl1au_sQSMVC-nyiT_kOC_vOI4keboI_BrALw1gK0sukg1yRnJ5rIu8TGoMPg6914BZWKCwYIFVPzVUVi4ceDVXsYOuzS1kvS7dfwtWwQ837vj9nm0N-4P5SfXZ3buGA2pRJgv0QF0AcGIVBOQXHUZwfKZsdyO3nRBc7HBofjj4YXxH9GdQ4NDqdgWv2geCSS-oZNl4ItRDnH6IJieVvpHis0v98p9fRuwg-QwmUjNXCN7ck2rtwobkGO-w3LgymnATuzt71iM0ifAGBdun9DCtuwXMLW0ETfpUcT-nUG9CFu169SZK2j8oCrD6KVFFXeoJ9WYbqjOwM3vt6X_NaCaZW1sVNepsNauChQwaxf1E81eUVsD0h3oxzj_XaTbA68QfulxRLNq5qCCCALV4UaQr_37kT3gwQ-fK3kCD1YW3x0Bx3d-rQOHI7DV20QXjuxC6UnncrjB1_KtqO0Tv3PYiOuF-uqtNzB2s5xPskgm9JRPd4gXDB2fNTgTxNwKtI8MLbwpBjx7leuAbiJjplAA-jTncwwzXPBXCz1zLIBJcmPcGb0yqK9Xh3eyfulrGZ3THw6XC18W2IAmQOeHnH1ZLQoo8YrMzLl7B-P5rCM5kZDh1MW5g7s6GLvEP4UEjctJIQm3zToYyDnwK_WuSPMa6GTTbbpVCi5TNLu61n94DD-B5n9q0_XCgjYwSWaX5oTcLJyiPG7ehtBTpfWNGu0yHGm2ds7Td0vd9RVXOJbNxVVfcEF9UP3rscPAwEez_zUI5HXacyFdu1lN0Zv2Y2YCqBCddPgMISQ&cid=CAASJ-RoGaGL6rRZl4SWWgVLYKY3Qqt8CkQzLfEsjeYwVXYlDIbcGZmm_A&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:12:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 9F6B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5wkPhbTiTWnOopemgtoN8GfVQkVh_cH-djJTvucVku8-7P305lUtU9PpQJ6YB7C8jvZP-tpHGmukKwS2d19Q2GFSf8vao7bE1UDkli69sH0YRBPej5EJaTufnAP_FH_hIMZpPVs8W_2sn6BtSwXFapZlXzQ&dbm_d=AKAmf-AT8H5zk5qP2REJvdlofZRLFdIMg3y3sTnN1rLXuU-VJ6taWafAlYthgSS48Hdq2iDxoMw0pXhXoPct4Bz4YBbiyoBBAldUeH-F-1oSTA3D6iCVoaFKpDnFTkolYFBPuZzlMvoqJHqaDUxRqHHJeOPlO7457Tht0ugJ4fGM_73rlLMERE9hg0GV2NJeNGzwKhIS6bXYnNpcjGUrFMe2tGgqwh2JU5Jni67JBjuHNKPcQStvfKJdukiyt8x5SFdM0lcMs0TcZYHxI92mcF6Nbz2YdrYwdxPn3ACGoVWlfnx3a9olltpJl0rIKl9yTlPCwgRStjGdKQa59dVQikqkNHzlfzJmgzl1NoP5kO0BG0CgFTbjYZYj7V55Ljjr7HrV_wztbhVNi9pZZAx7s4FBRBwUzP7jvAVgAp0Oz7z695LrecaTAHuf6TMSfs1uQpjeRA4ZkjlTRZB9DmGYDixKi0w0x7bsEZVcYU-ZDoqtZFolnvdg-VfOqe27Ss0QSp9Zs36z4j7SYlQ12r-qjhmquygbi6XSn0oJKNVkdyA-S8xnN1r6jZzGh29oFmBr8AczrbM1DK3vpXKGsRSB6hDdYKf_AfQ1eOCt6rqc1xSUZAU_fgU4x4S8xDFZ0LsxGnHVoKxmbEOrcTe_LRh9tXq-SxWxS_DHN0i-yM2OuVKuY292nKo2eUnZiutOKg9zAefsGZWig4s8-bySjWo5nsd2Uaengvt3ubqCK0selMSpsezszttB3deIl5O_1fJObiZeaysoEZ5xW-aopYbnQNH7_-N_1boz8pKusCqnYUObIS894aHQaMwFv4iByI06Q83OK1xk1BtbySLP6QszgcUZ2kEgUAHs0tYv2IHF3EcmardoJT0kpx8Q8Pzdk-RH2ij5lKCJNkWZvT_MvngHhRrhECtxvJeDsX90fxdpWGldPh496S4mhUNsvEQ-qwvebx_R5roBkOGfIAvijgOWMsk8NfqpLqcTOOGxNRSpJT6np90e4TwNG9KN1y4mR8mEdrYtlih4OXTDUvPD4ryNuKe7QvhDmRrTD5GEptuVTAp8cwXjYIIc2KlB2dvhXVUIuWZfPJrHmyEuFCH_1w8l4cDWt-QXZndEWYz96GlWoYNOjQLSK9g8xfRJABMVxECOkp5KSk4VmNcGnZHmf52gI-PHJuJrjPN3h_u_2x5jGE5h0pn1bScZmt7qq-I4v4BRF4bUKzdJijHqQuWI-zE_iqBnK0a5SvO6mW-dpzxmxaLLfqDW_xT_Aa6CEx61VN-PzZB0kY5AzUqRK92L6OavjyqD3Fya2yez2-cZbNCmtHidk_skeD-U1ZKLUZiARGX8M-s4xVvb0XyXHttvGflDEOzWCA8YenU8p1QE35dZEl1bv2HNB5uI8ov8tY68t_mYG0dVq8eY9OiFI314GXNdBw4ewklyCdqn9vdh_jyyA6ESkw2YpdnPTgmUXN_X74Iwi9W_YYUYiM6ps7qTudr7F9BDJRlkARwpBUGh1ipugqSZu4dq99D2uQEfCTGaWH3UeKjO2gbrYL1fbN6iz09nM9rt-V672ErMeVxfXR636395D8ZZYLjr-gPX8F-Hbw7tPDBMnOGhTRdCbdcLZzSZeczK6pXrgTUgKcjldd4pMZmOrDxe_jEPs8TC5Bwibn3j_B7bLCHmYBuJ8F5hgiL9QUmz-W7B0xDVc3uIL81anJ7J5nQ7oNztXLvIdUliN-FGcnSItgULVxEV-7EWBVjS4s0o29m_QEwGOEl0ZOmVQ-fOG7cqTnzZjAMX2IJD_AwYOXpIvbF-G1rXFeo1IcF90KfRYNFSgvkFfRp6cdK4bGlaNm0yeR2vqFsjIvsOx8VYDhbt9UBSdQBd3fAd8ulQYpDbd5MeuXJj_jycRB_4t781h7MBigcjcdo-WnLXxKha11NSqtyETyahdKbtNc923olXqBbAlS38O9Tcza0VBhZA0gQjHcm0Y4xiTiFZHqovQntsTDiN4uZt1RouDudh63jFzsvGafDpuV3tgTw-41mzMJrE2rkGDM6PRNUvzV--i5rUeKcLct4hL7GXRgHSBNHNpf-oI8FTxDevSluo9qNQzLXnt1jDnIx82uH1TXjlmPv6-GRz4Gxhj9KQSitSFhDB9OzZc8oVYfCGLREpQsQhmeaDyf7EZWnNX_ubaq4WvYEGy47eGsrJvk1GPjnq_PTLCQ8Nt9dPtLQwEvOWJml8RQ2xHHJ_Un5FumfxTJ96UA2Y61fYs84T7alplKgutPwXXuNvUW6O1Utdy-BptIY0efkyZsq6s-xThlzUEo8Zh2Iqo4InZNNANwIH5aff4HQtomkNDs4rwRFH3IYAY-bxQZOZHCxHt4x_MkQJ_j4oFVk2FiuQguUww6s1tELMPZ9pQTX7vqb4yJpMlsgoygfsAIIVKV-h89SnNKWyP8VQfKHYgunyjPPJ5ugmxmY6jYJ1YrbB_MkitONwmLFw4V_qFCFdc08dLQiWeMlgu5t7McRVlmFUsS_gz5JQyp0y9GddVtp-JX7ENVAdCL8sFxoN4hEzC60gCczQm8bQ0kmrPhl1au_sQSMVC-nyiT_kOC_vOI4keboI_BrALw1gK0sukg1yRnJ5rIu8TGoMPg6914BZWKCwYIFVPzVUVi4ceDVXsYOuzS1kvS7dfwtWwQ837vj9nm0N-4P5SfXZ3buGA2pRJgv0QF0AcGIVBOQXHUZwfKZsdyO3nRBc7HBofjj4YXxH9GdQ4NDqdgWv2geCSS-oZNl4ItRDnH6IJieVvpHis0v98p9fRuwg-QwmUjNXCN7ck2rtwobkGO-w3LgymnATuzt71iM0ifAGBdun9DCtuwXMLW0ETfpUcT-nUG9CFu169SZK2j8oCrD6KVFFXeoJ9WYbqjOwM3vt6X_NaCaZW1sVNepsNauChQwaxf1E81eUVsD0h3oxzj_XaTbA68QfulxRLNq5qCCCALV4UaQr_37kT3gwQ-fK3kCD1YW3x0Bx3d-rQOHI7DV20QXjuxC6UnncrjB1_KtqO0Tv3PYiOuF-uqtNzB2s5xPskgm9JRPd4gXDB2fNTgTxNwKtI8MLbwpBjx7leuAbiJjplAA-jTncwwzXPBXCz1zLIBJcmPcGb0yqK9Xh3eyfulrGZ3THw6XC18W2IAmQOeHnH1ZLQoo8YrMzLl7B-P5rCM5kZDh1MW5g7s6GLvEP4UEjctJIQm3zToYyDnwK_WuSPMa6GTTbbpVCi5TNLu61n94DD-B5n9q0_XCgjYwSWaX5oTcLJyiPG7ehtBTpfWNGu0yHGm2ds7Td0vd9RVXOJbNxVVfcEF9UP3rscPAwEez_zUI5HXacyFdu1lN0Zv2Y2YCqBCddPgMISQ&cid=CAASJ-RoGaGL6rRZl4SWWgVLYKY3Qqt8CkQzLfEsjeYwVXYlDIbcGZmm_A&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:16:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 6EE9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXS1EJquyTEK4S4SbJE94SfNZKxR6jby-1WmzHGOPeer4cvWxNSqEbobL98ehVMCiB21yugzN1F5ocuZ-v8mqVnOD76N-Ry5MqqbRNkqlxXvrLJBfEWVhr0B9pMTCNakNp8gCtYlmzphr5Ea41Xox2RitLcg&cry=1&dbm_d=AKAmf-D7hP11jEarRyOZN3PgLW02aaReigjDqGei1jyd_BRuyU9M7xn_fN4C9RNCskwRpHZ4zh-EjoKYBqB5-FS74BODFU-esjiBHulJoMc5AM3E7Argh_aQRGHZS12meqSyp67QGLRF1_dKyRJQKPwqcaur-4nwGpksdDFBi1r_1Pp5bfErAPr67FRntDmlTuPtvCC9ciU42WmpQNvsCvxU-75xYBPBCMC0rIebTCRN5Yh_6XV2y9mo5JqitqqaLY-Rn-1x7-4Neqx1k5Zjk8ImiQ08BmaC_xGNtpfmir6Acpe7GY4KDxSPUD8VrB7yTYK_L3H_q_t7wNtholPSeiOyLxwIob9JbM3t8HBytDc4NdAw7OCQRcjRWql7p6QwClC-K8HvpNZQyYeVNuJ0ksrTNARHK1t1GsHQZcXtSJ8ub3l9eoe78u85fFqzf6cp2D8MLsiw20paQ9IIxZOj2Y5wVkhnIwzqDcn-wZlHmAMlau_gFkwNrwEBy1aC5LOMC20rOPek6D7YIqUJdVpoAu0MwR7g4UgiGA_H322X3ZrIuN4745-WLnGosRiBQVFBwX3gUr9r8pZz5XMaYHi-9pg1BkrFmOHQ0uKg1G5spHJG9hRhs33SJfyRJEywrTPnaL_yvB_qmgx7SKdAnMlrSbCPpPN7rV8A0URNthVCzwbxWlLFvwRZoODXTRHpDN86gfX0nokT-UQm45CSmP7UhXhW_jUeTf5gH0gaCcuDtOYguSj9WcojhO5u-pXGZNtc1T7FVW7I7XfXbjLDHSipImddcgoQMuDsxB_WD0quduc7q9TJ6kwgXNuu09aoXuwJWwZ2cLK8G32gMWpZN8KFesEGRhru-0yDKgWNJBc85G5EC83RVMsTWzLIV_-2s_8rQ-4LmHuNSd1is0naV4lKABypoWTDAvN7x-IBvt7Dyb8IEUMPsTRewSECbisqMWDro6gjrKNr1a0oTfRuztOPy8rlXF2vCXL5ey7Zkj4xlQ88Uo0ESZKT9bQ5NbxZjyaJeAF9uh0EYTOqBwwvp8k5n3VVxlOWm0UNGEYd35q-5Tqj1bb_zdqEWkkhLLlpMbCee-jPjww8SpQ4_zVrVSzTDX2Qflz2iqv6ir9PfDgrBTl-twzLmCg_xhPdRVAhNtHEQTAMYOapPnrQjxQ7FZ0cVwVQ5cAfqbctZS1RYoHxXi3UUcXVuEMMTu07hf5P9tynN8foPVQmYQP0PQRLlKWnUNcq5w81aVcxVyU38Np6Dg8HSxBUjgmujPgTZ8tWwwYf1NHnjYutDQ0S3eD_SsHxEae_-rPlExxSzCzFHjboH2DiGTzvePjBJ8vqmV8gff5NavQ3BxDzt2oTY1LLh_MHy7c1i88a9qGJ_SBZNNh_0uUBchUMYT9XD853CF9orFXMM4IxAoQ1ZlVQBlfKjGEG7vKiT3aofswagnSOKKSp3S8rt2NwPhPdKPObUy-jc8Hsjoe7HjnhwvGMK1OA3WVzSJWPk0oDHLgyyxHJDaED2GOzChisUt0fe6pV3wehsdFWsLSTjmQT3Ehpa5EdPjc__40MVJHm_WFdlJFdo00VdvxAE13yh8SA-ScgWWXQX3IP89tzM0JrmtNiuH3VDOuNlkJGradtoDDwl2RJbQnKRJcHQCt1LO-NyZYQ56d_jFy4UTm7MEwpfjMU453s6ndcbOuD7Fn30Gm4uENT-dOrOz0_xL_5gxin46W-JRqjeks_znvKK7CgvWT6dMQN8K1ZwYa2-9wosQWIXrW4T4l7k09KMLwJ-eRElhj2OleFE1PJ5FmkEJBd3NfhxLDzvI8uTJw_G-Mm2Vxyv4gVPHAKi2Pg6rlGtJVCheSuRxNPEXRJqrWOjfk5Tk0cm4j0iaExweUmFTTjtYSrjwKNGQUBftLqm2KK6J_E_dM8YmuDgjVHQqqB3X_IlDi2RHhbeNn1tivuUYJSm8tOfNT5gH1TKhCoNMxmSvbhYxN0K0nsx8rAY122-rpN3wyRTmC5mZCjzMEHwvthvMh7tMgJp0pUeBYA8fWfBb8hh4RVi-IbA6McUv8ncO81j12C0cConk1h3_rzgHoSZA2lEAkrKCzV6AMlf4ZDfHi-cNmLwKLKUAhCBCBd4XiEti2WxebBUq8CTCCDkM_iqS6BAIG_EnZCb1aoWnn3Lk53a02gjvKC5D4BszaxL_fuhPK2aGfuaoJFiNBBygEQdQcOPVuiKI2kf6uENG65PR3kcpu6f_CAu7b3W9rD17YB4gZ_Rw_f_TYCHp78mxTn84v6NnOivuZTE4jHVxi-K9zUKrI-1ezgmttJFDPinIz2X6sOLui05z35UK-te8Bma6kqPUmGeONMSMiXDNF3XNJFMBB38G8fNizQXi10megnpK0U3Zb2QFL6qyWxPRMw5zGQ21ds2KZQZgfnYQP6P9V8OmMkAIm5WVaX9kncSJTvUV4VCbZY54zctuJgUbJkBM5S5PhAi_ZIzYwdOqXuardBj4GInovTpu0uRZJ9EuBGyMRkwvLHRVMPWIuT7wAg6joxAkXqp4lUwa9vavulnqj_zhaCxolaYHMFn2JDjE9Korjcl0DnZ-WPkCV_YLmXmm7tSkPXopwQpOYrSgr8N070EmfErUfggUF-EGzfgEgdTbu-VyrHpW5DhQSzynVKopN1zDcL1vVNnz9B9VZEzuLTRrVc1GxUwrEFccCVbrzeg4b2PGIMcdvRh_m_ophIlaIFoYtGftVEE2gNZkuT9BSZfbyfFzuF_aTML07b51EeWSsD3WyVweYGAKpagFPxL0JyI_sYFK9dJRoa2ID2nhR8SIyDwOrsxZp-eyrIuOIeu4DMXJ9OX_LgY2EaJlZMXCcX4Q68VSxxsIvkem2BVSvPkg9Sy34LH88wgGwGMPnxR3iFLIvbB6oaA_B1D4W8pUTrklpO-cRaeAEyxrwxtltypHMLWATPK0Lwf0UHP6SsoyAe9z7IaVVrvOqodrgoI0m4UHyehB56eL44J_dN097LeBiSGcrK9gmiRONI4WTIRgwoeC9WHyOvTsDJ8LvuKq3gvjazwWVIlNY2bWfpPq7bmBvC9glsfr6cM2bzMSWZ1LmR3P36qjyE_paVTQ1vKMf68ubWDSX3mrPoAN6vAL-3FhkqY7bKJMtFPVVsNbGa-N0RQUHc_1umT9MygvuZYet92x1AzAf4aodfqEscHK6yryqiVupzAkIwbRZVR8xK2FZn6AC7TcZ0kcy2UYb1duHpB_qa-4UCwTCk8pUrDN8NS5Zaxlr2sgqZMpF1oXJYTqynONp-w6UbPn6sVSV7tSpSI0CGflrHXBfl-5VkZoL16usZy4eRxLG11600xNjuSYb1WQ0YJ6j5CrKozAqxsppm4QkLVffzzI7kxFNuB5cWs_ZMmTzimUwfu4m6nP41godTgYhTRqhjDReHORbU52tgmg&cid=CAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:16:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6EE9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXS1EJquyTEK4S4SbJE94SfNZKxR6jby-1WmzHGOPeer4cvWxNSqEbobL98ehVMCiB21yugzN1F5ocuZ-v8mqVnOD76N-Ry5MqqbRNkqlxXvrLJBfEWVhr0B9pMTCNakNp8gCtYlmzphr5Ea41Xox2RitLcg&cry=1&dbm_d=AKAmf-D7hP11jEarRyOZN3PgLW02aaReigjDqGei1jyd_BRuyU9M7xn_fN4C9RNCskwRpHZ4zh-EjoKYBqB5-FS74BODFU-esjiBHulJoMc5AM3E7Argh_aQRGHZS12meqSyp67QGLRF1_dKyRJQKPwqcaur-4nwGpksdDFBi1r_1Pp5bfErAPr67FRntDmlTuPtvCC9ciU42WmpQNvsCvxU-75xYBPBCMC0rIebTCRN5Yh_6XV2y9mo5JqitqqaLY-Rn-1x7-4Neqx1k5Zjk8ImiQ08BmaC_xGNtpfmir6Acpe7GY4KDxSPUD8VrB7yTYK_L3H_q_t7wNtholPSeiOyLxwIob9JbM3t8HBytDc4NdAw7OCQRcjRWql7p6QwClC-K8HvpNZQyYeVNuJ0ksrTNARHK1t1GsHQZcXtSJ8ub3l9eoe78u85fFqzf6cp2D8MLsiw20paQ9IIxZOj2Y5wVkhnIwzqDcn-wZlHmAMlau_gFkwNrwEBy1aC5LOMC20rOPek6D7YIqUJdVpoAu0MwR7g4UgiGA_H322X3ZrIuN4745-WLnGosRiBQVFBwX3gUr9r8pZz5XMaYHi-9pg1BkrFmOHQ0uKg1G5spHJG9hRhs33SJfyRJEywrTPnaL_yvB_qmgx7SKdAnMlrSbCPpPN7rV8A0URNthVCzwbxWlLFvwRZoODXTRHpDN86gfX0nokT-UQm45CSmP7UhXhW_jUeTf5gH0gaCcuDtOYguSj9WcojhO5u-pXGZNtc1T7FVW7I7XfXbjLDHSipImddcgoQMuDsxB_WD0quduc7q9TJ6kwgXNuu09aoXuwJWwZ2cLK8G32gMWpZN8KFesEGRhru-0yDKgWNJBc85G5EC83RVMsTWzLIV_-2s_8rQ-4LmHuNSd1is0naV4lKABypoWTDAvN7x-IBvt7Dyb8IEUMPsTRewSECbisqMWDro6gjrKNr1a0oTfRuztOPy8rlXF2vCXL5ey7Zkj4xlQ88Uo0ESZKT9bQ5NbxZjyaJeAF9uh0EYTOqBwwvp8k5n3VVxlOWm0UNGEYd35q-5Tqj1bb_zdqEWkkhLLlpMbCee-jPjww8SpQ4_zVrVSzTDX2Qflz2iqv6ir9PfDgrBTl-twzLmCg_xhPdRVAhNtHEQTAMYOapPnrQjxQ7FZ0cVwVQ5cAfqbctZS1RYoHxXi3UUcXVuEMMTu07hf5P9tynN8foPVQmYQP0PQRLlKWnUNcq5w81aVcxVyU38Np6Dg8HSxBUjgmujPgTZ8tWwwYf1NHnjYutDQ0S3eD_SsHxEae_-rPlExxSzCzFHjboH2DiGTzvePjBJ8vqmV8gff5NavQ3BxDzt2oTY1LLh_MHy7c1i88a9qGJ_SBZNNh_0uUBchUMYT9XD853CF9orFXMM4IxAoQ1ZlVQBlfKjGEG7vKiT3aofswagnSOKKSp3S8rt2NwPhPdKPObUy-jc8Hsjoe7HjnhwvGMK1OA3WVzSJWPk0oDHLgyyxHJDaED2GOzChisUt0fe6pV3wehsdFWsLSTjmQT3Ehpa5EdPjc__40MVJHm_WFdlJFdo00VdvxAE13yh8SA-ScgWWXQX3IP89tzM0JrmtNiuH3VDOuNlkJGradtoDDwl2RJbQnKRJcHQCt1LO-NyZYQ56d_jFy4UTm7MEwpfjMU453s6ndcbOuD7Fn30Gm4uENT-dOrOz0_xL_5gxin46W-JRqjeks_znvKK7CgvWT6dMQN8K1ZwYa2-9wosQWIXrW4T4l7k09KMLwJ-eRElhj2OleFE1PJ5FmkEJBd3NfhxLDzvI8uTJw_G-Mm2Vxyv4gVPHAKi2Pg6rlGtJVCheSuRxNPEXRJqrWOjfk5Tk0cm4j0iaExweUmFTTjtYSrjwKNGQUBftLqm2KK6J_E_dM8YmuDgjVHQqqB3X_IlDi2RHhbeNn1tivuUYJSm8tOfNT5gH1TKhCoNMxmSvbhYxN0K0nsx8rAY122-rpN3wyRTmC5mZCjzMEHwvthvMh7tMgJp0pUeBYA8fWfBb8hh4RVi-IbA6McUv8ncO81j12C0cConk1h3_rzgHoSZA2lEAkrKCzV6AMlf4ZDfHi-cNmLwKLKUAhCBCBd4XiEti2WxebBUq8CTCCDkM_iqS6BAIG_EnZCb1aoWnn3Lk53a02gjvKC5D4BszaxL_fuhPK2aGfuaoJFiNBBygEQdQcOPVuiKI2kf6uENG65PR3kcpu6f_CAu7b3W9rD17YB4gZ_Rw_f_TYCHp78mxTn84v6NnOivuZTE4jHVxi-K9zUKrI-1ezgmttJFDPinIz2X6sOLui05z35UK-te8Bma6kqPUmGeONMSMiXDNF3XNJFMBB38G8fNizQXi10megnpK0U3Zb2QFL6qyWxPRMw5zGQ21ds2KZQZgfnYQP6P9V8OmMkAIm5WVaX9kncSJTvUV4VCbZY54zctuJgUbJkBM5S5PhAi_ZIzYwdOqXuardBj4GInovTpu0uRZJ9EuBGyMRkwvLHRVMPWIuT7wAg6joxAkXqp4lUwa9vavulnqj_zhaCxolaYHMFn2JDjE9Korjcl0DnZ-WPkCV_YLmXmm7tSkPXopwQpOYrSgr8N070EmfErUfggUF-EGzfgEgdTbu-VyrHpW5DhQSzynVKopN1zDcL1vVNnz9B9VZEzuLTRrVc1GxUwrEFccCVbrzeg4b2PGIMcdvRh_m_ophIlaIFoYtGftVEE2gNZkuT9BSZfbyfFzuF_aTML07b51EeWSsD3WyVweYGAKpagFPxL0JyI_sYFK9dJRoa2ID2nhR8SIyDwOrsxZp-eyrIuOIeu4DMXJ9OX_LgY2EaJlZMXCcX4Q68VSxxsIvkem2BVSvPkg9Sy34LH88wgGwGMPnxR3iFLIvbB6oaA_B1D4W8pUTrklpO-cRaeAEyxrwxtltypHMLWATPK0Lwf0UHP6SsoyAe9z7IaVVrvOqodrgoI0m4UHyehB56eL44J_dN097LeBiSGcrK9gmiRONI4WTIRgwoeC9WHyOvTsDJ8LvuKq3gvjazwWVIlNY2bWfpPq7bmBvC9glsfr6cM2bzMSWZ1LmR3P36qjyE_paVTQ1vKMf68ubWDSX3mrPoAN6vAL-3FhkqY7bKJMtFPVVsNbGa-N0RQUHc_1umT9MygvuZYet92x1AzAf4aodfqEscHK6yryqiVupzAkIwbRZVR8xK2FZn6AC7TcZ0kcy2UYb1duHpB_qa-4UCwTCk8pUrDN8NS5Zaxlr2sgqZMpF1oXJYTqynONp-w6UbPn6sVSV7tSpSI0CGflrHXBfl-5VkZoL16usZy4eRxLG11600xNjuSYb1WQ0YJ6j5CrKozAqxsppm4QkLVffzzI7kxFNuB5cWs_ZMmTzimUwfu4m6nP41godTgYhTRqhjDReHORbU52tgmg&cid=CAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 11:46:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame FE6B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C875z_g8nFFXADz5Knt2kB8NDTF_3j4LQB0f9BvzXNDBotDLvZ9YPAxrqyiUMhse313kL5qGysS5NxdvKDX6yeO2Qif_kE7vYX07vIESjCAL83N0voJrS5LFNf05akjImvpOEiiBCqRN7Zh3Ln2JXOzOBd_w&cry=1&dbm_d=AKAmf-Bm_HELOBBBc5nejZwTtcYvFlr3ROJ4M0MKAQJ2Ek7k3XetvlgvLXj3Vo1nGFvEGDhC4jM5lYMbOr52I50QBuIv_yiMg9Ti_X1bbIKsDPt7Ud9AU84-Ei4hzZ8-Setm_uAmqkPVNsyBMe4BtBCu4Lx7SGe3eKNov9eFkBn0psiYTnRAFeMNw3IPQlkdyhriwOR7iVPuH_Ke2Fupp8qof-A6ed28KrKFFT7AMhov0z6W184j1sSU5JlINa53LtyeMEJFASfHgLzJ1wRMFXKuQk_2CnBkhl4f0hZVt-X3WRYUfItjOC70ntP3JIj7yd1wW4mP_X8ggWzbKWuT-C554VDoK415beZG3vOn1HaOECpqlafPqWmdJMQPg8CitxWh_HiPsuOKTGnilHRwyz2qWRMdMdJIjzRbILktli9VyBlTBPKqe0AYnC8BnKiD976w5qF1Yuf5HGmKQ64ddxk204XqGZB7HL6hhkhSOZdTB4JcxelP3KfrDddJT19gcccsH2-WxfPYINwJQjb8U4FjgQWmCtFFwfTWo3xkNMaaDUlmqutk_hnREtkD98GoX1a9c_-87Evj9TwbesKQSVOLPXBIPdKfRN8hgwozKWH9Hphbu4uzAp68MwGGrPYczIYV9GF05vdSmo_VaqhxXf9OBPh8uA570WPT-wRkydWGrTY4hUCCbHG6XdZQrwDeMdD-3ZW2TDBOPdpYORNTkwYyOFa3vVqKY4nbZ1aenPAUmEd3zfJrrlA-6pdRiMRgnkANBD10Ay6tIpkzQuLSAVQBjvn5rRpgHkzSmLAZ5M2lG1YujF1VubYjGT72Ibs-DEdxdmmeUd1IIhSvDPr-vXgGMowdtMBsEeIC8op04TnpQCw-zGygjAnqm5fgfvLIC2f3zMQP8-H4MV8iAjZqKCb1a4pH9ZSalNgyQ7-FIqOWe1MPMc780rmJabjqG218Fx9T_eAV0mvZHE5d7bfdT-LflXCiXQMyTPuqg0yIpGyPWUEDtxP5PvHvVBqaWFzKbprVmLpdwKTdG2OI7PoQv_jmmSmjdaLBOwJ4LKhV-sb22CbdewiZwp4TvFHTxNwvhgYVQPonluutcC9M6bl-5UXUD4e4UWEp0NiLs5Bo532edxIe3OXcoemqvKXc3CzzDJop92AW9OCsC7dGe9lObSAm9kMe_HIlTM_xlBzFXy5xBnE_brRfm8ljWw2bQv9kHm3w6CdIbC-bk8HGYwRxO99IBvH7hA1l_K829l_Byl90acIwax-rsR6c0NXH7_M3mou3M2siSwLqbhkg8v_PNwmItC_bNtsFX_yQJeP-pUS_LjQ1o_HNaIrbgxFmhFw_9sbAp0O-qUK8k6ljzC-55nJOSQy9LeAEb93JztJ3EvdAk4ZtLSrLBM_hw1SSdNVx-u7UT6F3gfFn-E8IeuZDbF-XyJqjEiyOxMZpB9k_tSFiYGNvG0Icm1rWN4F6HVFmz6Bcpdc6RZr_LcUzz6K-lYArDgYFf4v74ZSiBXPNPTRAz-1KrDtA6k_GHLT7sxLiyhdEO2ZaT9DcGReachg5oG9e-cOxtFzsaCfvztnjRwYLoRh8GYxAM5O24CcLFyGBac2OO6sXVy8GYR8BvlAKXP9cXWMhNczi62C6UlZPhHTChvxtR-63jZOn7Jm1qayI5DTVAWJTIvxz9BTbsIzLKeTWx4N2QTqLCWEP4MBKxIK-4F3Yhcyo5WEXwngCNjiN1TEHXKBTktgmGs9kbJlP1hMY-ZEY9ZSsknPW1O-Cr8AJYkqiq5TUNPpPEA4eKcNi-xwihM4vcGvwSkghtGthMwubiaNnaenSmwyDcUzFYXOyU9FS4w3S44hiO8auSu1Q-qJ55p_fnSwks3DniCTWMMf6a3n_fxhGPiDeVbd1r8HzY_ybpDiBZGSxJ9SSTIP4OeCRTCMggL3RVjgZktzkNxnHxumbXeGqcQfIbRaIwP6Jp0peH2J86wyHGGTYPodQC3w6O8lm1ibwJHLvAqi7suZAyGS80pX0f2IrMmYgh39fgLWaTVk9Zyo44aX298xBOfI0PQrs7ep2jeqTxsDNRrG-K70AvDiIJkztlV-ywphNrkeRVdIPzgYxGVNbLDAoWcdcU4H3yYyX2Ol8mfH1HOsOk7gmad9rvVVlvoASYu8Jh0HUqL9lIfQ4jRwraJCiOrnYKKBkKSNkWEFMEgeczPWQkgcNwuTVmhx0gKawfIPt-B6K97H4lYH17tqzZeiRa8sS58dpOedUfYh_7W9UROfLPXRS8fvf821IcQLQD6VkhDRfD7sIIJThzBrSvaPAJ11R0nf6nhai4kjJuaiOkYu6MsJ0faoW9E02pubFaQHAKcAgGQyqUrbadiYT4BNfF5KfBrdvt9OQidEvrEHBwXtVz1lGE5kzRdA4zlwqgryXgRc0zYohXV6oGBJDNYb0__Fvj6pY3IUzmQLWsxb1emzyNPfmD45tERCxLpQPyjqUsutRueTcly0cq2fanj8tyOZOjP1g_lDO2NoL9ufhMs1Rgeo6nrrtBYS29xoVGuzRwg6E0BWiArgLfA3mUUaaNOrjD_o-QXP29VB4qGtZuhsbkxfA5JacbwGzNsblHJpOlHb7Ir1izkI7C2FsX9OZCbK15waSf7lOrJR8nAwD0Rp6yUlZ4BizC9SYTMsanqwNAZQ8yxqijh5ipYCZComuRnmSII9g_xfooNaIX_H7AKuWmle9u5iD53QQthGNDmR64Q4f0i-7mTOex0FMGmWR7Rxwwh5O5zxPJkK4EbfkDQV85TVM7v-1UiY8eYsR4Qo_6QZyikW9qGEd_VbxP-YwbeApxJFnhYrhm14pIDGltUcpQkxlcT2i-m63l10xXuQEdG8qteOPKcIrMSlsJcN26mDJJAqDimVIFH4F-Qxo66hZS6Cnx2z-6bFnNkIe_yM5DzV6_POOQtKAWy47Lm01Cy9yqklRfQhHn57KrbrdH9O3JPGDHYegBPzXZWKeXPCuWAx21_fUs8hEf8n5Ya4_DNnE6PFj2pHyBRKoolhvv2U9NwXm8ocdPjDyKe6_nN0IzijTMq2oEVXm6xju04QuaEHR8mQEfrRa3zGDUvBOqf-8ZnX21pOSIP5gtsElQDKgOldyG1zlwKQFk2JXBN049g6mc407Ej_vMFsRpkavBt3QC7oQwDsBFpJsrRza_k2WHVSkvnmNbpfFjLqgFqgcxCCag3B4Hl8hau0_fxE_1CzSTTpyqwqV0pbNVIpDoleRJpf3DRHXJkXMtfKF9IuClVTyVOrgnT8g1jOSOSW4AOiMYJ-kwiDD9aBTgd0DM2n_MEIrTCzxTF0267zXsS69ntMUpnElzlTy_cZxAy9ekUidJujdNG9XY_iw5GGhX1-QaBBIwoknq_DjYXxU1mDRJdxgQ7msx3SIgJFTk09wpxebUCs0HhujOQ&cid=CAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:16:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FE6B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C875z_g8nFFXADz5Knt2kB8NDTF_3j4LQB0f9BvzXNDBotDLvZ9YPAxrqyiUMhse313kL5qGysS5NxdvKDX6yeO2Qif_kE7vYX07vIESjCAL83N0voJrS5LFNf05akjImvpOEiiBCqRN7Zh3Ln2JXOzOBd_w&cry=1&dbm_d=AKAmf-Bm_HELOBBBc5nejZwTtcYvFlr3ROJ4M0MKAQJ2Ek7k3XetvlgvLXj3Vo1nGFvEGDhC4jM5lYMbOr52I50QBuIv_yiMg9Ti_X1bbIKsDPt7Ud9AU84-Ei4hzZ8-Setm_uAmqkPVNsyBMe4BtBCu4Lx7SGe3eKNov9eFkBn0psiYTnRAFeMNw3IPQlkdyhriwOR7iVPuH_Ke2Fupp8qof-A6ed28KrKFFT7AMhov0z6W184j1sSU5JlINa53LtyeMEJFASfHgLzJ1wRMFXKuQk_2CnBkhl4f0hZVt-X3WRYUfItjOC70ntP3JIj7yd1wW4mP_X8ggWzbKWuT-C554VDoK415beZG3vOn1HaOECpqlafPqWmdJMQPg8CitxWh_HiPsuOKTGnilHRwyz2qWRMdMdJIjzRbILktli9VyBlTBPKqe0AYnC8BnKiD976w5qF1Yuf5HGmKQ64ddxk204XqGZB7HL6hhkhSOZdTB4JcxelP3KfrDddJT19gcccsH2-WxfPYINwJQjb8U4FjgQWmCtFFwfTWo3xkNMaaDUlmqutk_hnREtkD98GoX1a9c_-87Evj9TwbesKQSVOLPXBIPdKfRN8hgwozKWH9Hphbu4uzAp68MwGGrPYczIYV9GF05vdSmo_VaqhxXf9OBPh8uA570WPT-wRkydWGrTY4hUCCbHG6XdZQrwDeMdD-3ZW2TDBOPdpYORNTkwYyOFa3vVqKY4nbZ1aenPAUmEd3zfJrrlA-6pdRiMRgnkANBD10Ay6tIpkzQuLSAVQBjvn5rRpgHkzSmLAZ5M2lG1YujF1VubYjGT72Ibs-DEdxdmmeUd1IIhSvDPr-vXgGMowdtMBsEeIC8op04TnpQCw-zGygjAnqm5fgfvLIC2f3zMQP8-H4MV8iAjZqKCb1a4pH9ZSalNgyQ7-FIqOWe1MPMc780rmJabjqG218Fx9T_eAV0mvZHE5d7bfdT-LflXCiXQMyTPuqg0yIpGyPWUEDtxP5PvHvVBqaWFzKbprVmLpdwKTdG2OI7PoQv_jmmSmjdaLBOwJ4LKhV-sb22CbdewiZwp4TvFHTxNwvhgYVQPonluutcC9M6bl-5UXUD4e4UWEp0NiLs5Bo532edxIe3OXcoemqvKXc3CzzDJop92AW9OCsC7dGe9lObSAm9kMe_HIlTM_xlBzFXy5xBnE_brRfm8ljWw2bQv9kHm3w6CdIbC-bk8HGYwRxO99IBvH7hA1l_K829l_Byl90acIwax-rsR6c0NXH7_M3mou3M2siSwLqbhkg8v_PNwmItC_bNtsFX_yQJeP-pUS_LjQ1o_HNaIrbgxFmhFw_9sbAp0O-qUK8k6ljzC-55nJOSQy9LeAEb93JztJ3EvdAk4ZtLSrLBM_hw1SSdNVx-u7UT6F3gfFn-E8IeuZDbF-XyJqjEiyOxMZpB9k_tSFiYGNvG0Icm1rWN4F6HVFmz6Bcpdc6RZr_LcUzz6K-lYArDgYFf4v74ZSiBXPNPTRAz-1KrDtA6k_GHLT7sxLiyhdEO2ZaT9DcGReachg5oG9e-cOxtFzsaCfvztnjRwYLoRh8GYxAM5O24CcLFyGBac2OO6sXVy8GYR8BvlAKXP9cXWMhNczi62C6UlZPhHTChvxtR-63jZOn7Jm1qayI5DTVAWJTIvxz9BTbsIzLKeTWx4N2QTqLCWEP4MBKxIK-4F3Yhcyo5WEXwngCNjiN1TEHXKBTktgmGs9kbJlP1hMY-ZEY9ZSsknPW1O-Cr8AJYkqiq5TUNPpPEA4eKcNi-xwihM4vcGvwSkghtGthMwubiaNnaenSmwyDcUzFYXOyU9FS4w3S44hiO8auSu1Q-qJ55p_fnSwks3DniCTWMMf6a3n_fxhGPiDeVbd1r8HzY_ybpDiBZGSxJ9SSTIP4OeCRTCMggL3RVjgZktzkNxnHxumbXeGqcQfIbRaIwP6Jp0peH2J86wyHGGTYPodQC3w6O8lm1ibwJHLvAqi7suZAyGS80pX0f2IrMmYgh39fgLWaTVk9Zyo44aX298xBOfI0PQrs7ep2jeqTxsDNRrG-K70AvDiIJkztlV-ywphNrkeRVdIPzgYxGVNbLDAoWcdcU4H3yYyX2Ol8mfH1HOsOk7gmad9rvVVlvoASYu8Jh0HUqL9lIfQ4jRwraJCiOrnYKKBkKSNkWEFMEgeczPWQkgcNwuTVmhx0gKawfIPt-B6K97H4lYH17tqzZeiRa8sS58dpOedUfYh_7W9UROfLPXRS8fvf821IcQLQD6VkhDRfD7sIIJThzBrSvaPAJ11R0nf6nhai4kjJuaiOkYu6MsJ0faoW9E02pubFaQHAKcAgGQyqUrbadiYT4BNfF5KfBrdvt9OQidEvrEHBwXtVz1lGE5kzRdA4zlwqgryXgRc0zYohXV6oGBJDNYb0__Fvj6pY3IUzmQLWsxb1emzyNPfmD45tERCxLpQPyjqUsutRueTcly0cq2fanj8tyOZOjP1g_lDO2NoL9ufhMs1Rgeo6nrrtBYS29xoVGuzRwg6E0BWiArgLfA3mUUaaNOrjD_o-QXP29VB4qGtZuhsbkxfA5JacbwGzNsblHJpOlHb7Ir1izkI7C2FsX9OZCbK15waSf7lOrJR8nAwD0Rp6yUlZ4BizC9SYTMsanqwNAZQ8yxqijh5ipYCZComuRnmSII9g_xfooNaIX_H7AKuWmle9u5iD53QQthGNDmR64Q4f0i-7mTOex0FMGmWR7Rxwwh5O5zxPJkK4EbfkDQV85TVM7v-1UiY8eYsR4Qo_6QZyikW9qGEd_VbxP-YwbeApxJFnhYrhm14pIDGltUcpQkxlcT2i-m63l10xXuQEdG8qteOPKcIrMSlsJcN26mDJJAqDimVIFH4F-Qxo66hZS6Cnx2z-6bFnNkIe_yM5DzV6_POOQtKAWy47Lm01Cy9yqklRfQhHn57KrbrdH9O3JPGDHYegBPzXZWKeXPCuWAx21_fUs8hEf8n5Ya4_DNnE6PFj2pHyBRKoolhvv2U9NwXm8ocdPjDyKe6_nN0IzijTMq2oEVXm6xju04QuaEHR8mQEfrRa3zGDUvBOqf-8ZnX21pOSIP5gtsElQDKgOldyG1zlwKQFk2JXBN049g6mc407Ej_vMFsRpkavBt3QC7oQwDsBFpJsrRza_k2WHVSkvnmNbpfFjLqgFqgcxCCag3B4Hl8hau0_fxE_1CzSTTpyqwqV0pbNVIpDoleRJpf3DRHXJkXMtfKF9IuClVTyVOrgnT8g1jOSOSW4AOiMYJ-kwiDD9aBTgd0DM2n_MEIrTCzxTF0267zXsS69ntMUpnElzlTy_cZxAy9ekUidJujdNG9XY_iw5GGhX1-QaBBIwoknq_DjYXxU1mDRJdxgQ7msx3SIgJFTk09wpxebUCs0HhujOQ&cid=CAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 11:46:57 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8834 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 16:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 16:59:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 8834 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALo_q1t48E0nFGGhxLp05OGQZfCi5s9ln1Sm30DQma0AJjI5W3SC0EV8v803Z_zpgdc55dw0q8OuNYC458SxflAxHu4QmQsgF_w_8j6aDpt28hReGKSkJgmdSPgFYaikKaIDTzmrbHZNTDZ4d1139p4TCmKA&dbm_d=AKAmf-AhExjrW7D_FbSruAVgaQ_NaFzfFoF7pPjUtVuxfsEMlM6Z2ZKavXsIGV9MWRJc4GDTMBoYdq2FE9qgCjF5sJxz1T2k18x4RRAJNnwEG6AxAJbQWvqMyUgFQUmmmuW6AkwrYByBnEOqTA8wB1PYduWpjFeVBBIzllRjzIk0iCuQO8msYgC2FgLC3pGyjWhvzTnpjSn5wtuDkt476PXhueGKDYq81J_byMoSKgNV8dMvvH2Y6vhxewS7LmzTafZMVQBYdxlKITSwMrZblrFMo7p07qBo4gtLhhvp6y_fpXUBHXov3TPdBedSjI0ZlPUjIz4xsPcD0RpMtrwArK0nXnXGyyvnzf1kExZjOK9G2B7vgg6-4y5G1qOxAK_341rKZ4NnCXTBkZ1HT-CUzEPlxd7A8rF61VvYYvV_i8CHKZWb93GdhYxoywZTk1-Xdb_X962YTwIX3zgWbKoZpryI6-mw6EyzYsolsnRdZN5AUVe8mPQc694-TczXEeoeAI7qq6GI2FQZMYK8ByTv64dcrryLLVGy5s3K8ImF9nyC50l9Ssvv9QGvj5PYw2mQtEFf4r0nvvPM0HHNkof4aptPMfVsnIC7VZPKqJQboN-H8LtaboZkDT006ShcoRNHXj8JUC-AMMmnxquo7ecijSUlTaNhySH3rSaHyLlYWsAn1JdgftwDOz7vNpxcVZOOihbr6yCFjWR4iYaVm8mbjMBpiAD2Ab6AmhGVNdaB7SwLGNmVdxlx8jzVxN9TuJnMy4-Ku3n7xLPmvDgVnwTyqr7skdZMn3yiKx5QhIIfi4yzoNJto_bJPO6cq81EXUdd6FsA3lce4gTFSVEIIp_wFbzH0Q51vdqKmyIuvGf16BXSH2MHaERNxrhQKAQyJSX6R6tAVbt4UZBx-24X0PldE3sxZJeDrLC_g-xfkJS3rG6wVoAKJeeRakfTlKI-q-71zcq0eloJj3YPLxgtoYD-Zyt_C7CxqL1Jf53LLAaw5V2r8-qVbdEZDSv2h35iRqkSZTaVUIxheJdz6cCx51M1mQfgNOe7gzMTBH9S7i7arXIqvf68RUsB_qiU8D28nZ37x8r35Ju9-0n740fp1PS8BxCTtwzcx3a6gKYdkr36tD08JMKVRK4psnEKGUtMRupf9jabAIRDQ8JSanizz_oW_ErRHYKDqcHoboT6e9bUfgG96pU_BwB7SNh3a9aLYrOp63O6rWXDii1c4H1jejZ0g2IcbX6Y327NnPeelg7BswToqshS_wbvpRyq1o3Ezuqq_YY3dqsXmtTBxc_4TLluBsd-k6pSA7gGiIf0FQ7l8Ukq3-_JsvVpPAujEYjHIw_GXZZWtoZVLFGS7xElUp7CQcR6w-8bvJyFRB_aT6DsIPriUFBmFVNQI8QlyfKOPmePap5BmQC8vG04cT4-8ZZq-E-pgh7oCt0Ov4xmrmS3xyChdy7H_oHkktn3YEVGgV-CPJGONsA6tz7W3mFrZqxSA4Mtcuh-MF1oHBQWd6ImuNJ3oRvfdMfjmWyF1MSYNR0V1ySEcrVGmGOXu3JZhA_wR_5RugV7r3W46neDFih9RluqmXwCakvfn2jo6YTOxz6l9Po9oWcLhc5i3dXGEDVbp8xkWoXqvLFKkEZubJICCyoLguaDqViTv7AFCgLSzdgUEXMHL1Lm99ahwkHn6EkJ6Xuqfiul35V91iz_kakO7Bmld0RBx-3Mh44iAONM8WSGy0d4H_YbHBahXZFJFdSS-ta3NspAlzQOywPXDSd1WGz3Ks6NoYIBiUSopAyFQSPB71dU7n3mde_cGl31lA7KpDgFt-MUhxRKov7anyE52MmJjQpX3kRX7lzKRX5w6q4Yvj4q5ctIokN78KcXhOyozZhhmgowFQSD51gwXnl_5_0xjRPoVOTlE-YYOMEp3lUoY1T8vZq4us0d9o2j6wqqiJHEBcTkTp2-jRiSZHDeW40qm11Cqx1EEA-JrLN71MZzz5KYOH0UiTR1WyJbiEI34xbRdG7PuYq6pWHkZNDkvw8FfbxFqu06zVeadSO080ufg8dCdutEU2P6vxoscB6wnM6Ie6LD6n1TXyqvndPhMw5c643Hm19xtoHs64-8R8twG1GtSVAqPs8z_YKtm0eFgJ1aJcZVcXN7YyPvZ0VFbb-JukEumLHavZeqaoTNhCPAk1J1Jiw4b-OOFWbPvJ92-bbbeuyVzygYbuCw_5vPnvusYcLLeuWMIfBumG9L777y3jHbu0puNs8kNYBNpvxqa9T2LHSR0pqSFmRKdCeLjZcXkN1kYkS7oTDIC4HTTL4yq58xNmatEEArD3YYr-bGC9jwBcJC-j5tJQo0gAhh1cGJTu0Z3YDu_bPMEmi3JMb_NNmNicI4tNdFZ3Xtf3lbV6CS7UtPvE_933MraptG3etBQrv_zzj9cJNN8Dk9iA7isrDlnZtqNWG-c7JGSCgyUULo_UnN0R8QDomGxXi1AF_BDi_8umAhHiFI7bkRWk5sLEL7cd4o2v0IRUW9wdNWFN-WTJTtGA-iVpJ4Q_ez-4311JcnEWsQl2nz9ab5Htekc-WHu-WhV_Sh3NYA8xkPLt5oxHEi6NOS05gqFhTUCIK68SNpGkTL6DsVtkZauyHmzEEVXrL_1f-6ULlvsVC6YsN1aupJPNYMOUkcKEa2QDw8bG--EyobWrJ4CF3JdmtzyDBSkYILvTJaTwtsy65oTqiNN2eTGd2FnzHEp1m6lhdAJGXygY_T0U442Zk-swS4EjpsM0COVy5Pvzl44k3DVEu4nT4jE8WOlox-SoOCOQI7BO2DDnqqrQjW7t4bA9EncMVsjbuXbERnWe_u1J9yqNs0sFGQum_xR-q_MpQkATJ7CL419nJE-o89E2YsNkQ_oA6xcEtWxkE2yarN6ClhLtatHviZ75FJVWW_ExZsu5KSD32CNFSvXRMl2kKpgZSKf2JCVe0Ed9cJjqLJvgq1RriUxtMSrhMPtPIXQQqi2kpcXcteHzpndXlfTbzR3FgTkh9AyIX9ALZE9_XjKctssBIwWn4f3E4YQXRXp2L2kfmPqBLSOukHpk_Tpl1KpjRv05TnTF--2xT5hpn9nOxeGecKVcHF8t8_-IhQ4jmnOeoVaf-Vo0P6hkYbDQmXb0tV5s4pXEg1GulFtIJGOoVxdrow9un888Gi1u948HFB3Ix0-TtiV_yOWB8C50VvH9CnY59kvbeBrg-eyaTOUKVs7CN57etQYhWgZbORyBHkYTcA_YtgN_1sRggwJztTIQcwW5G1YHwRHks5WOGxP1lpaXNcG97fFRu5shzq2GNqbzbmLhtWZK8Y46f-E7gR1Jj9QN2oTl2Wt60IztjmLLi88Lvls3Wck5-75w&cid=CAASJ-Ro48sbjayIx01IJhWFKcIDie39fh73JlzTgwC-T9dvW2946zSLfg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:12:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 8834 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALo_q1t48E0nFGGhxLp05OGQZfCi5s9ln1Sm30DQma0AJjI5W3SC0EV8v803Z_zpgdc55dw0q8OuNYC458SxflAxHu4QmQsgF_w_8j6aDpt28hReGKSkJgmdSPgFYaikKaIDTzmrbHZNTDZ4d1139p4TCmKA&dbm_d=AKAmf-AhExjrW7D_FbSruAVgaQ_NaFzfFoF7pPjUtVuxfsEMlM6Z2ZKavXsIGV9MWRJc4GDTMBoYdq2FE9qgCjF5sJxz1T2k18x4RRAJNnwEG6AxAJbQWvqMyUgFQUmmmuW6AkwrYByBnEOqTA8wB1PYduWpjFeVBBIzllRjzIk0iCuQO8msYgC2FgLC3pGyjWhvzTnpjSn5wtuDkt476PXhueGKDYq81J_byMoSKgNV8dMvvH2Y6vhxewS7LmzTafZMVQBYdxlKITSwMrZblrFMo7p07qBo4gtLhhvp6y_fpXUBHXov3TPdBedSjI0ZlPUjIz4xsPcD0RpMtrwArK0nXnXGyyvnzf1kExZjOK9G2B7vgg6-4y5G1qOxAK_341rKZ4NnCXTBkZ1HT-CUzEPlxd7A8rF61VvYYvV_i8CHKZWb93GdhYxoywZTk1-Xdb_X962YTwIX3zgWbKoZpryI6-mw6EyzYsolsnRdZN5AUVe8mPQc694-TczXEeoeAI7qq6GI2FQZMYK8ByTv64dcrryLLVGy5s3K8ImF9nyC50l9Ssvv9QGvj5PYw2mQtEFf4r0nvvPM0HHNkof4aptPMfVsnIC7VZPKqJQboN-H8LtaboZkDT006ShcoRNHXj8JUC-AMMmnxquo7ecijSUlTaNhySH3rSaHyLlYWsAn1JdgftwDOz7vNpxcVZOOihbr6yCFjWR4iYaVm8mbjMBpiAD2Ab6AmhGVNdaB7SwLGNmVdxlx8jzVxN9TuJnMy4-Ku3n7xLPmvDgVnwTyqr7skdZMn3yiKx5QhIIfi4yzoNJto_bJPO6cq81EXUdd6FsA3lce4gTFSVEIIp_wFbzH0Q51vdqKmyIuvGf16BXSH2MHaERNxrhQKAQyJSX6R6tAVbt4UZBx-24X0PldE3sxZJeDrLC_g-xfkJS3rG6wVoAKJeeRakfTlKI-q-71zcq0eloJj3YPLxgtoYD-Zyt_C7CxqL1Jf53LLAaw5V2r8-qVbdEZDSv2h35iRqkSZTaVUIxheJdz6cCx51M1mQfgNOe7gzMTBH9S7i7arXIqvf68RUsB_qiU8D28nZ37x8r35Ju9-0n740fp1PS8BxCTtwzcx3a6gKYdkr36tD08JMKVRK4psnEKGUtMRupf9jabAIRDQ8JSanizz_oW_ErRHYKDqcHoboT6e9bUfgG96pU_BwB7SNh3a9aLYrOp63O6rWXDii1c4H1jejZ0g2IcbX6Y327NnPeelg7BswToqshS_wbvpRyq1o3Ezuqq_YY3dqsXmtTBxc_4TLluBsd-k6pSA7gGiIf0FQ7l8Ukq3-_JsvVpPAujEYjHIw_GXZZWtoZVLFGS7xElUp7CQcR6w-8bvJyFRB_aT6DsIPriUFBmFVNQI8QlyfKOPmePap5BmQC8vG04cT4-8ZZq-E-pgh7oCt0Ov4xmrmS3xyChdy7H_oHkktn3YEVGgV-CPJGONsA6tz7W3mFrZqxSA4Mtcuh-MF1oHBQWd6ImuNJ3oRvfdMfjmWyF1MSYNR0V1ySEcrVGmGOXu3JZhA_wR_5RugV7r3W46neDFih9RluqmXwCakvfn2jo6YTOxz6l9Po9oWcLhc5i3dXGEDVbp8xkWoXqvLFKkEZubJICCyoLguaDqViTv7AFCgLSzdgUEXMHL1Lm99ahwkHn6EkJ6Xuqfiul35V91iz_kakO7Bmld0RBx-3Mh44iAONM8WSGy0d4H_YbHBahXZFJFdSS-ta3NspAlzQOywPXDSd1WGz3Ks6NoYIBiUSopAyFQSPB71dU7n3mde_cGl31lA7KpDgFt-MUhxRKov7anyE52MmJjQpX3kRX7lzKRX5w6q4Yvj4q5ctIokN78KcXhOyozZhhmgowFQSD51gwXnl_5_0xjRPoVOTlE-YYOMEp3lUoY1T8vZq4us0d9o2j6wqqiJHEBcTkTp2-jRiSZHDeW40qm11Cqx1EEA-JrLN71MZzz5KYOH0UiTR1WyJbiEI34xbRdG7PuYq6pWHkZNDkvw8FfbxFqu06zVeadSO080ufg8dCdutEU2P6vxoscB6wnM6Ie6LD6n1TXyqvndPhMw5c643Hm19xtoHs64-8R8twG1GtSVAqPs8z_YKtm0eFgJ1aJcZVcXN7YyPvZ0VFbb-JukEumLHavZeqaoTNhCPAk1J1Jiw4b-OOFWbPvJ92-bbbeuyVzygYbuCw_5vPnvusYcLLeuWMIfBumG9L777y3jHbu0puNs8kNYBNpvxqa9T2LHSR0pqSFmRKdCeLjZcXkN1kYkS7oTDIC4HTTL4yq58xNmatEEArD3YYr-bGC9jwBcJC-j5tJQo0gAhh1cGJTu0Z3YDu_bPMEmi3JMb_NNmNicI4tNdFZ3Xtf3lbV6CS7UtPvE_933MraptG3etBQrv_zzj9cJNN8Dk9iA7isrDlnZtqNWG-c7JGSCgyUULo_UnN0R8QDomGxXi1AF_BDi_8umAhHiFI7bkRWk5sLEL7cd4o2v0IRUW9wdNWFN-WTJTtGA-iVpJ4Q_ez-4311JcnEWsQl2nz9ab5Htekc-WHu-WhV_Sh3NYA8xkPLt5oxHEi6NOS05gqFhTUCIK68SNpGkTL6DsVtkZauyHmzEEVXrL_1f-6ULlvsVC6YsN1aupJPNYMOUkcKEa2QDw8bG--EyobWrJ4CF3JdmtzyDBSkYILvTJaTwtsy65oTqiNN2eTGd2FnzHEp1m6lhdAJGXygY_T0U442Zk-swS4EjpsM0COVy5Pvzl44k3DVEu4nT4jE8WOlox-SoOCOQI7BO2DDnqqrQjW7t4bA9EncMVsjbuXbERnWe_u1J9yqNs0sFGQum_xR-q_MpQkATJ7CL419nJE-o89E2YsNkQ_oA6xcEtWxkE2yarN6ClhLtatHviZ75FJVWW_ExZsu5KSD32CNFSvXRMl2kKpgZSKf2JCVe0Ed9cJjqLJvgq1RriUxtMSrhMPtPIXQQqi2kpcXcteHzpndXlfTbzR3FgTkh9AyIX9ALZE9_XjKctssBIwWn4f3E4YQXRXp2L2kfmPqBLSOukHpk_Tpl1KpjRv05TnTF--2xT5hpn9nOxeGecKVcHF8t8_-IhQ4jmnOeoVaf-Vo0P6hkYbDQmXb0tV5s4pXEg1GulFtIJGOoVxdrow9un888Gi1u948HFB3Ix0-TtiV_yOWB8C50VvH9CnY59kvbeBrg-eyaTOUKVs7CN57etQYhWgZbORyBHkYTcA_YtgN_1sRggwJztTIQcwW5G1YHwRHks5WOGxP1lpaXNcG97fFRu5shzq2GNqbzbmLhtWZK8Y46f-E7gR1Jj9QN2oTl2Wt60IztjmLLi88Lvls3Wck5-75w&cid=CAASJ-Ro48sbjayIx01IJhWFKcIDie39fh73JlzTgwC-T9dvW2946zSLfg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:16:51 GMT
10741900595397069241
tpc.googlesyndication.com/simgad/ Frame 10F3 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10741900595397069241
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccacaa54099a7d166556e98bd472ed1d53186bcb5fffc692f5135d34cbefd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 03:10:00 GMT
x-content-type-options
nosniff
age
177460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128861
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Apr 2023 03:10:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10F3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
67562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 01 May 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10F3 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
66875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 01 May 2022 09:53:05 GMT
10741900595397069241
tpc.googlesyndication.com/simgad/ Frame 1818 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10741900595397069241
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccacaa54099a7d166556e98bd472ed1d53186bcb5fffc692f5135d34cbefd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 03:10:00 GMT
x-content-type-options
nosniff
age
177460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128861
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Apr 2023 03:10:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1818 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
67562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 01 May 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1818 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
66875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 01 May 2022 09:53:05 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame FAC3 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FAC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FAC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E1AC 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18f84ce0a20450e757473d5ca655656ca9c094aac8e357df96764c79805721d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10022
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AVmanager.js
player.selectmedia.asia/script/6.1/ Frame 3FB5 		370 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
90885ecbd565f2511e2704714a6bdb36dbd4697faff1f766abe7c3ae55b40bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:40 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdvUS4C1OeiQ-l4I8A8bGx7q-4ZYNplbuMXO0us-f_aPuazs02Yrtk5AT-Xh2xVpUfy74uX3J-uZWyhg-BXzNcedQeQhO0kU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
106360
Last-Modified
Sat, 30 Apr 2022 11:07:10 GMT
Server
UploadServer
ETag
"cb4c7f8a5e3003118790fdf78ac870e4"
Vary
Accept-Encoding
x-goog-hash
crc32c=ACIT8Q==, md5=y0x/il4wAxGHkP33ishw5A==
x-goog-generation
1651316830569023
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
106360
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sun, 01 May 2022 04:32:40 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 9A50 		221 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6a7db5e52cc2c0acd177bbb82cecc81ee3cfe8bddbe2e78f1c9cb057ef14d759
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
221
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 01 May 2022 04:27:40 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
GOILbKY2P8iXnbfoYWbq63ULRTQ65NRaAL3Zkmk2lNTowrCuD4JPdA==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 01 May 2022 04:27:40 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-id
wi5nolHfmjxjKYytZjQrohaiS7F9U4GvYOTpuRxd_yz5rJ1rVF8Pvw==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
ebHtml5Banner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ Frame 6EE9 		309 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1077710669&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCtOC7OwxuYt_4KsqW9u8P_I-Y6APYqeDpadD9x8DBD_AuEAEg7_aQIWCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTuAU_Q27Em0paGL9gdEvMhUhtDTKdlfa3gUROYl5g5s8MwbTJkJYWUT_5NWTKB8IKNCTshf0FFcBr0G7b-ndZ2kt57__ZFAlim3AaFr-9419S21NHFo0uPPv-RSYohhS5z8ALeP3pfin8cLFXqVzMKSZ53uNjZ8pFf-v2rU4W14m6nhhIPhf-NVQmu6zWV7pH9H33jw63tvU8oDeZuxxfPjwaiBd7Zxy3pbl5-qduxAsnpUa_oA752ESm6Zyw79Naq37CY-a7cRtgePiyrYM46TrDVAnDFgH9r8NXC8DuA7qoOQW6QgeNrfb434N7xEBLABJzSkfH_A-AEA5AGAaAGTYAHi9esiwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8X_gw_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA%26sig%3DAOD64_3ADLkDY6TjdxOJJ9nXXaMz5OH3_A%26client%3Dca-pub-4627517680249670%26dbm_c%3DAKAmf-BH94AbipNbI8mg71GdkXqsJ_6j5T1wruKCwD3rxvYTI5LHqZobYcAR-uMa2JF-YqKFJOIQvFAbcRZVppP4Sx1QyrCNLUDFkUYsayvtRkjCU1Q3Ct2bFZDhxRcy2EJP224Spq1JyX0LFwQKeZYFN31Va1MEiA%26cry%3D1%26dbm_d%3DAKAmf-B4X-18wPpFkfPM4BEExsCmzMa4ugiAK4peNF4x39RLKYICzOCW0COoGwHKKJOcBQ0fJu_CldUBW_Kjj23rWV7A_2IFay9ysqO1Jvq7bZzjEk9v4Pgi9-ndCtWsiBdCDjvgK5F8UsB4UyEYKF1L5F-8eExVgYbb21Ezl43uDZYkKZuxg-qd1gAWWrIM1jTG_EbKqkVAjAw8nVhyZ2tnkOzPsB5Kx49SVm1KlWvcWuO7kchpg07QIwrv94g6sXoqoByOXWZHq3fUBIxobNbXkEfgaSgF6xz6dK-ysHRk8OSAdMyIb9cLDYsw8JGW_g__vyZ4MGYnlz-pAT3ZwJuIOLRfDLAuc9tZYOwETIIa2GQsGp2M2rTiW6yecOcKINlAxgY0P1qv3DspWBEhbolqoE_bs1tKvWaQgOcqwzG0_rpvDr9vhk_QehDp7TDFzcno74ReJRATTNurjt0PvdCP7rOVAWuP50p-IvlEsIx31XLODEEHIkVgzU-KNC9j5qxV7uapfHBgMSba8NdUcuNnTXCCrY0Lxo8IjLEV-8IaDGldni9vwKNn1Q4PGRp5Ppj_HppYRt9V_R_ceqnvaEJLhck2gnesAg%26adurl%3D&e=0&ord=1651379259703583&ifrm=-1&z=10000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8cf2728f446b8c3fd9e58430b9b7552e54967097d6342495f3044db35796a067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"69eda084c0e3b651f69adb0d8803e4bd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591123
accept-ranges
bytes
content-length
83054
x-amz-cf-id
8f_M39XXDf4aYjLvifHrVHUxTQuPt44AmlHbd26wBrqpuEuky-FjSQ==
ebHtml5Banner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ Frame FE6B 		309 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1077710669&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC5Lj_OwxuYuv5KsqW9u8P_I-Y6APYqeDpadD9x8DBD_AuEAEg7_aQIWCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTuAU_Qb-2Qm9_HHevsV1vATlao39JkJme3oBFOLdmEtjaH1D2ZQO-pHxdSx-10R4tnnZnXXucy5OXR_oYXW0lLSfHJkH7vmgDJ6riJAZtuQxo3U0nAg_TXx_ln6Ad40BkXtQv2lhKilW3LcQyZLyaAC9Qgsmd14ENvLTMCgeCSsdS4_biQZunT0LKGY98S6b8fPcMDlFvbpyGEd-Cywre7KMyRQ5RaDn7cIvT4_01MtDriKu8H2piWhIOTm0uYN46cCX152ico8PmMCh62Yz-t52UAqkEYbVaHZKqExhGzUxjAi4t0pgggSvknMYqi29jABJzSkfH_A-AEA5AGAaAGTYAHi9esiwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE8X_gw_QEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA%26sig%3DAOD64_3kuqUZHOxRMuERxcU-f4P8-ser5Q%26client%3Dca-pub-4627517680249670%26dbm_c%3DAKAmf-Dxui5YlSaA1aBmBOTHOjis-liYBr3OmRDEBM0KZCvqvKXfIB03Ww_wVwML_nCv4GqUZHPxIvszJhpTAaS0XLPFybFqBwClh41wbkkzs8YDKanoyxSYO26VKywkzely-kI7MdrSrRGcnMZShmoULEL4f5p04Q%26cry%3D1%26dbm_d%3DAKAmf-AxBucyAu38l5-cU_0okD7wKbq0w88mAiiDBxmOkyu8C2iEHrzrnWyhPwBA095WIrCXbB1oD4qE_fB6hmqw8C1G_DmlFTh8R-u9yENSz_q_l_FnJPlm3wzce58DbNrMlR8zv8sL_mknsaYhiRV2plZbNtpUx3P1jY68ci7-2OrVlC9XqVtNa2zECE3TQNA4I94EFAllcRWUccj6PGF18WwFm38d1GYoZf11oRXzp4zN8IZ1xQlhlPfTq__c3IoYoTBgNqNZC7W1b9DPbLMEc88nH3naP8yFzKS28Z9Gl7GE3ndZDoZSUl8r2rnaVgV4Sdszzjof0c5ScO9nMaig-gUHiYF_-nofzjY2_wV2EMkDF5EOGPOLBJp2k0JX5mTzFZeHQptLm2zULhcY0Ya1vFRWKXgEK2TOzCPP8ABCDDfXyOkuV8z29iAUDHppgMkLdbPSIX82mNzaC9AgAwODmubefXxK0mCYao_c31VtGuZQnXkxBK2eDRnYBr6FOeTuT11BIDdo88TOiB4gWf3OICKDn-ax78BCUYG1yTu2JEoK4OJMS4DMQhiFkhAeN72gvrOjQ38Ra4I6cU_xiznKDHpHsLJ1qg%26adurl%3D&e=0&ord=1651379259703723&ifrm=-1&z=10000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8cf2728f446b8c3fd9e58430b9b7552e54967097d6342495f3044db35796a067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"69eda084c0e3b651f69adb0d8803e4bd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591123
accept-ranges
bytes
content-length
83054
x-amz-cf-id
8f_M39XXDf4aYjLvifHrVHUxTQuPt44AmlHbd26wBrqpuEuky-FjSQ==
index.html
s0.2mdn.net/sadbundle/17679434869003470663/ Frame 44E5 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5500d45b1c2ba33aed3bf5761885a8f15294a07be5012873dc0beab8b0d1fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1867
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:40 GMT
expires
Mon, 01 May 2023 04:27:40 GMT
last-modified
Tue, 15 Feb 2022 16:17:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9F6B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzndFEuzNRGcmQmSQS6vXwEDdQauxwb2XdXtAahInhBO6mopozDErbcIYFeYSsv1Y3tdsQ9qiLqqKd5cH6glHr4BYWmrIW3Dp47sQ9E0QOcISdYvi7ic6_eH3MTLDFBkJkC6jkt_RMnSFAaE-drjnGAvE2xricTzDnNKuaOk9xGQqLj741K0qZf7AkuEUb6eB_9Jkcl3AuLU6jR9j_Uf2eXmlQaYoWbZetogKnItW2TrX_2zcg-ZN217_nyGoR86hKs8npMq1chN0dy_-eJwq5QvMZh2kzTCuLTKG2RBFylm56OvG-9eW5HcAZjsdPGQwkm74-nTnJlnJZNhwck9icHpMPFnxtSEa6NCbUY3zF8m2539g6_EH990Pntc4YeiBkULrKJJId54yMmE0nBd41FeDlZqttyRb7xaaOhl0b0TM017Qvi-4TKDI3PRj5_NoiDfoL9RX1WCv8VLJEZNfm04F5m-hPB9w51GUOeCNOaSZj1seirDp6pXgo6JOvhM1kQAd-J-tEAZ9fhtLGq-pC4T5K2JsKAuocLlo4OJizZANqvGTGHwk09OZiy5XYHVO3lwwCOobWUaz-kBTTci4ntG6O-ZoQZim44qDmfdv-FoyGKcQkQOKKkwQwU4FvxJJZ5fBsmz6Aj6Ay7E1JnFt-BeC83zdLAU-CS9bfEIxZg-txvfPLlPasXoAqm2Wwa3bx7QznfULpcRZPyVYfcvt9cJ_0EXNVV1f6xBCxpYE2EuctEQ7gbLQ6jxVwWmtOjnBxdEh6rPO37GbftEX1D4hWoPErNN9YMn7RAv6wd0mUy9iYuYv_MhBx-YLZm5TVjrxCIVn9iogoXcqk-ncmfpCNthkvq90xfpftiUrhpUkA_AaAzBoTR1alxrWSFVfZqJSQJgO8PPqmdg8zQAJrcnwdtVPzJ0J8M1mjbWq9PTebQ2w6P3surIrgZRDAArbKxTVIiQT72mLqf6U28jovBZygQ06XKDswOVbnoofAkqMOIzF19VpnBahA-Xi13nQVbO-GhSWPCoa79k_ffMTzvdafiAmBqZZl5h7VPXi98Mez1CWYEDtL1nZJGIp1kejSjm9WL5MvJ5ibOrXHxEPsBloFuTLE-tZJD5XXojs3-ni7e3iNWNRhnTfW6X4OVJjDYY58dwU5hu6f7jjSf4x5LO7BxiFqAo4t-Q6sen0f2DIfrwTvdhj9D2M&sai=AMfl-YSkuSpDnzGyt5BfCQN-QZJROuaxEshM9Tzw4NpLbYHsWxd3ZStaYVxWskh-We2FZvidoYb2nu1OtWBkfjOrekPD0XBy3Vcjw6Lo8M9ytSe8reNPv9At4wXHSfAh26TwJdx39NpcKJjoDC1enXl9NApvF8Qtycbdi-UvwCahFgOdj8awTovYD6MA5NrVwBYZ3Gtp64IWsnyHkXj1_wkcjgCWSr1eFyI&sig=Cg0ArKJSzHccksxQv9d4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=183&cisv=r20220427.56396&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/10293882537410579719/ Frame 8C71 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c465e4bb985e5293a834f6a1218bced00691220a32ac333fb347018fb9f28ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
339210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1428
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Apr 2022 06:14:10 GMT
expires
Thu, 27 Apr 2023 06:14:10 GMT
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8834 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQs7h7FRjQTC6MEqZVCTuvvg71iSoWHsNjxhWEgapfvp4ZD0RVZZxXVEjZi-eNPT5aB6FA-QfDjDQIwWIG1ny6Y_EfhlqSecsEmHOpzl5fDKL37WiQ8QhuxMpBfxfNGvsbXh_I_17Ra4HS6E6Cpo1-FLextSROLoPaXJGBOFugzqa_lJl5PxTum82U8WnGtIH76JkHNJgFrrhMJRBm8x6yP7LE-QdwlNkgoY197zVDrFQHxg4N9oEo75wThv6tBLm8o8dpO67K8FBELMDdgkfPhc8PUl28AmVWopFu44bmspTzuRFWFPyb7z_ddTy0x9qk2ToT4dDi5v9iTVuY7_lh-f6kwKbGPcXCZwKxWVsRGbSkndmilKXdb-znZAVRZYqCi5yjGuPXB7KvOMZLr_BoooCu_0KjCXiCFY8yvG27Ou2G-auNbnT5uo9z7iXdsKymkMNLq5BihnJhTnXaIWW5R3QquN2_8WyWeh-cqFvD81a3CMKW8zUFh_7gHSWYQEeDwpDwAPg0vw0v9zO0JWuCJAnOlDTbdLhM129MSVI_xhxoB_38zkieGvQSQ_3mBD_s_1XFehU-lAss23zU1VFbFSUKHGmjQFkqStrw3lCrqcZ6KsiLZZDHpzLMaWm95K_QHbdyeddnBTunXvLdkHJdtnZk5pPdr2ehSmZi31pw9weaiY8GxueSyH8Omhf9tKnpqp-fWMCClOEQmM9GgW3us6qzSKkfkmrNHIFQ7-sICTCoHLvDRHMMV1G9k5twTv543exiOUFaJjGy9d4A3f3kdKmlzOtwR6BdNMTqIPjuPcQiGcTNAmzsEV4x-IXAT3WoXJQFY0nYjm1GBiuQWwtbFcrUBetzgHVGOJ6lJlB1-FYh-EjZAetLLu-5nfwCOOkfp3DXKAZ0oR0JcJ0c1d4XseGkFfq0UFipfPrMRmhH7WBsrxPwq-s1zET-vn25iKWk4EtETi37-zZisa1yqUlgqbXZLZRntvvm2HUoR58dD69nYdf0u-5KKCLKLliZ4mzSDr_oWEsDb0huDuwwb8yeaP5oHdAe8UQ4hIjepnSW_I65UHgWkjAFaUVV1A0RnFnm7Oci-85pFR1ZIX2-0oa0TGNiHYrw9NmxTC1ZhsiFUb1oy_iCUG6-d7SlZYcqBQxIcp1GwzrkECA&sai=AMfl-YTf_CDL-dwS67H2W1JO_IcGMUPIyihmg-HOb29pLydeTjPDFI0L7t7tzgvm7UvaY9-N7qzR92WlaCKucjaMbOPvO2U6m9xwHS3V4GJNXKDsftt6X67ip7nik_VPfuH4Zwvvxoutl4xTRzfSgH0qSeJg-EqT1Nvaw-lM4tsr79k6XF0Gh7D4BOV9oW1dj1suvDY3hkndXBjtrRj-3UKo441AmHd7sck&sig=Cg0ArKJSzA9dbh2kx5tqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=187&cisv=r20220427.97287&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 6EE9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed305a0e1f7812046dbe0294dc8a9eaec13ac7d7ee50b630210347a44f180910

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FE6B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18a3c4de768fca8e04fb15f683a1a56533841c540755cca1ecf4dd8ab6c9d003

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9F6B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 11:46:57 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.16&apppkg=&fv=3&proto=https&pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&e=inventory&vi=100&cb=1651379260793
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8834 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
URL: https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 11:46:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A704 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
247655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AAF0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
247655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3017 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpuZHB_tvQ4y_XvCrLxi-i7iYPDe9nzNrJ3mQJCzp5lMiEZ5r3DI9fzMxtVuDey5R3CWeMu9mGxkWg1QuNGHuayE5rwXJ-qZWWgaNmd8z7HoFzSyZz8CxO8KPD8ZZZ1wVh_7LCIt5K2mgwJUN6nwEELZLWwipLUwyiPozUdHF4APOIwBXgbPd1fMpdEdnS_CPwYNq2hHYNXq04vGPOAPI7WnX4NRT6Sh_3yrr1dnnSH-bywnYBK7wdEIBQdrGdteTiUOBkQMzI_U3IaEm9wB1IbTR5iN6s90odPgOp6RhADgEExTKPUfZwkT3nNFvx5P13gvnp2lrmkWQr4xOf_wp4QwY&sai=AMfl-YQf-h-qMpPP78HFmuXRGEr3Jm8ckaBhuzRZpZvn0VG50czmwHlfzV50mKhx4O7zSCxv1VtDGtoQ7Me_Z4O1UFhTb7nfDOCx64MlbTs-92sxyBlni-95dmf8mT3n02o&sig=Cg0ArKJSzGjCYwIBHVg9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:40 GMT
truncated
/ Frame 8834 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3eefb6c364009953367722d6f06bc4663b55af72a7a7b692aeba0267cdc7926

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9F6B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f56b29cee053c5e5320fcd9ca9c5697dc170733c630b676100c6006c9b36c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
framework.css
s0.2mdn.net/sadbundle/10293882537410579719/styles/ Frame 8C71 		7 KB
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/styles/framework.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b52e3c4c37ea20ba19251a2d6a41793d3cf0a84a612a0618dbdba55fc555e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
755
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
framework.js
s0.2mdn.net/sadbundle/10293882537410579719/scripts/ Frame 8C71 		565 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/scripts/framework.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215f500ae1db630213530e7682c7bc7c64a72a85b8e3e51c9b56a97436d9e05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
bg.jpg
s0.2mdn.net/sadbundle/10293882537410579719/images/ Frame 8C71 		799 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
768f4c95d99e932e9205cca261eef5aaf6f3bb89e70929834708277308fa09c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
799
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
content_1.png
s0.2mdn.net/sadbundle/10293882537410579719/images/ Frame 8C71 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/images/content_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b45376f36aec66b009e495643e5fd133d082a4775094058afeae2a0bbaf4c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41233
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
content_2.png
s0.2mdn.net/sadbundle/10293882537410579719/images/ Frame 8C71 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/images/content_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4ca3306bea5dd0b61c441485218889c2cfb00ea53bca2c9e62d8e6137f8b9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42518
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
content_3.png
s0.2mdn.net/sadbundle/10293882537410579719/images/ Frame 8C71 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/images/content_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82b5aeb337e8e379d5ad72caf88872457e48f21b9a9dfc3dda30f13def8ba4bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5504
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
cta.png
s0.2mdn.net/sadbundle/10293882537410579719/images/ Frame 8C71 		609 KB
609 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10293882537410579719/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e66fb17a34fe78c7f08bc6e559d8bbcadf08e6f30d3989dd8251a6f887ac66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10293882537410579719/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 06:14:10 GMT
x-content-type-options
nosniff
age
339210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
623943
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:08:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Apr 2023 06:14:10 GMT
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		21 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&AV_CHANNELID=611edd025340b7439c55794f&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=611edd82ba4f701d4d14c7dc&AV_TEMPLATE=611eddbb0ab5df1de52e23a1&d36=6.2.16&responsive=1&sver=2&avtoken=260792&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1651379260863
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.80.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-80-154.compute-1.amazonaws.com
Software
/
Resource Hash
1d3bb5a80fa39b7d74daf4c3b88f346d1569cdaa467442fefe3b3c9bb7895baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 19 Apr 2022 14:41:01 GMT
1643485919913.css
s0.2mdn.net/sadbundle/17679434869003470663/ Frame 44E5 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a1c9fdb08fb832504d0cab26e246ebbee2f0d4a9fb0d18a04ee7a9d6f6973c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 05:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2146
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:17:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 05:20:25 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 44E5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 13:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 13:54:34 GMT
1643485919913.js
s0.2mdn.net/sadbundle/17679434869003470663/ Frame 44E5 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 05:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11114
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:17:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 05:20:25 GMT
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/ Frame 6EE9 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"5ac70b83663a79f3a383c3a53f62eafd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591142
accept-ranges
bytes
content-length
1947
x-amz-cf-id
rHTFJej_-IZERX-f4gD-yoXdQJl7K3Pqrd7rSyYjL_pNyZvlUUY65A==
index.html
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		101 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
357f039483b1c2188c6b73f18340a5303b64f027f13116c10e712dcf73fbe06b

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
19562
content-type
text/html
date
Sun, 01 May 2022 04:27:40 GMT
etag
"18579eecafd85f76197d004f7176bed5-df"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
vary
Accept-Encoding
x-amz-id-2
aNUSpdvd75FO9UUY+Gn0qkcwpsLBUq29axojGsyB7rd2LztczeGn3feXLmqjmGYZuZSXzbc03/4=
x-amz-replication-status
COMPLETED
x-amz-request-id
9W98T7JNMM13EPW0
x-amz-version-id
Y1hKNGyVcr9GXGY5YqVyKTWYF9Z8NM6Y
IntersectionObserverVisibilityProvider.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/ Frame 6EE9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/IntersectionObserverVisibilityProvider.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"e3dd27b7ab9e71c38170980ebbfc1df7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591190
accept-ranges
bytes
content-length
2962
x-amz-cf-id
Ba2TL5wp_AUkRo2t1L8UEhlgt7yzG959GhDQyX8EleO2wuqLUSwKlw==
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/ Frame FE6B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"5ac70b83663a79f3a383c3a53f62eafd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591142
accept-ranges
bytes
content-length
1947
x-amz-cf-id
rHTFJej_-IZERX-f4gD-yoXdQJl7K3Pqrd7rSyYjL_pNyZvlUUY65A==
index.html
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		101 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
357f039483b1c2188c6b73f18340a5303b64f027f13116c10e712dcf73fbe06b

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
19562
content-type
text/html
date
Sun, 01 May 2022 04:27:40 GMT
etag
"18579eecafd85f76197d004f7176bed5-df"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
vary
Accept-Encoding
x-amz-id-2
7WpIC7bMX4j2AUn4mh+lhjBIgJ0Kg7/PFKZrHhBWfQ76Z8b2NF2uFkNy1h9B6PenqYTyN9RYns8=
x-amz-replication-status
COMPLETED
x-amz-request-id
X31RZ19A858PQ8ZN
x-amz-version-id
UCZ1pkxcC7kiVdlV6oq51eCPFuYghoWF
IntersectionObserverVisibilityProvider.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/ Frame FE6B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_85_0_0/IntersectionObserverVisibilityProvider.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"e3dd27b7ab9e71c38170980ebbfc1df7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591190
accept-ranges
bytes
content-length
2962
x-amz-cf-id
Ba2TL5wp_AUkRo2t1L8UEhlgt7yzG959GhDQyX8EleO2wuqLUSwKlw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E1AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:09:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1AC 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame E1AC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 04:11:08 GMT
l
www.google.com/ads/measurement/ Frame E1AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaThMb5MR-UBvHbPrvk5TEq2gvVZMkSUhOOxq2Da8vkNI3B46R-Wa6FeIt1JzmwjsXF7OwZ-eYzyaw8Cbt2Ymuow9LOcfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8716 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
247655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D827 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
247655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame E1AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZUJNPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTZAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2H_D5G1xhVM_XUcti7GXlwGwLNT4k_66Xmd7RA6XAQJIGSYWMuaw2ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=qNCUS_IzGGY&uach_m=[UACH]&cid=CAQSOwCNIrLMcrB4ilMkFxrz2a1-4_2nZNwPl-QmfvZlr1kYmfd1LJeEdKBR_QPKg5FhgEU940t6dJnInNZhGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 01 May 2022 04:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E1AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jremjhey4xvpaaf1pfprp2448j6y1a7b7t00cfbkpcadrhcw2b0ttnx9ehtnbc24zennyzaa9b0g0qp56b1r10mrc460jjzfejatgc12jkbv5xfam5fp8q2atb3s1e1vc91b6nbc628gkkqgpqy6564cvam9q8mjqymmzry5c3snmsjvmz41zxqj32nwqfx852c0m2brt891k8390zjnea82fpkxpf2654rx9aa4expvymgz2t75p1wn82mdy1kbw2csx8m3hnnymhq0e46ap704z28xmnn8cfzfpfe5dghvrfceqgsay70scxqdkhe09b0vny3bgjdp52yh5ja05vb0yd2rtzzgvv5xesgx377rtbecsemjgr9yqbxw8snbcte7mfgczjd43rtfz40erct04f7p&b=Ym4MPAAJkgIKGFVHAALHiTg2cTgDP2wLIwKK9Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3B2D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651379260331&bpp=15&bdt=92&idt=248&shv=r20220427&mjsv=m202204260101&ptt=5&saldr=sa&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&correlator=5072026763038&frm=23&ife=4&pv=2&ga_vid=1102668645.1651379260&ga_sid=1651379261&ga_hid=1977411943&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=3413508049&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544%2C31067322&oid=2&pvsid=1749102031733190&pem=846&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2ae3yilq4aq&btvi=1&fsb=1&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9588c4fbccc38fb4223ad4661281867b1c097dad925efa7cef5a8fb73f2e5f3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7045c41d69f23754-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame A704 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame AAF0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
logo.png
s0.2mdn.net/sadbundle/17679434869003470663/ Frame 44E5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17679434869003470663/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 05:20:14 GMT
x-content-type-options
nosniff
age
256047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1954
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Apr 2023 05:20:14 GMT
evt
lm.serving-sys.com/lm/ Frame 6EE9 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-141-3.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ Frame 6EE9 		24 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=6066929791786573377&ai=1086505979&usercookie=u2=fbaf37bf-cb69-4059-b9fb-dcabe455083a&oo=0&clsrc=2&clbv=_2_218_3_0&gdprpurposes=1023&dg=1076818614&sdg=1077604534&ctick=137&ord=0.9260172039226002
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
cache-control
private
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
evt
lm.serving-sys.com/lm/ Frame FE6B 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-141-3.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ Frame FE6B 		24 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=3115928161257592550&ai=1086505980&usercookie=u2=dda626ff-1a28-4716-96bc-f1491abf4ed4&oo=0&clsrc=2&clbv=_2_218_3_0&gdprpurposes=1023&dg=1076818614&sdg=1077604533&ctick=109&ord=0.3344424967203661
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
cache-control
private
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8834 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQs7h7FRjQTC6MEqZVCTuvvg71iSoWHsNjxhWEgapfvp4ZD0RVZZxXVEjZi-eNPT5aB6FA-QfDjDQIwWIG1ny6Y_EfhlqSecsEmHOpzl5fDKL37WiQ8QhuxMpBfxfNGvsbXh_I_17Ra4HS6E6Cpo1-FLextSROLoPaXJGBOFugzqa_lJl5PxTum82U8WnGtIH76JkHNJgFrrhMJRBm8x6yP7LE-QdwlNkgoY197zVDrFQHxg4N9oEo75wThv6tBLm8o8dpO67K8FBELMDdgkfPhc8PUl28AmVWopFu44bmspTzuRFWFPyb7z_ddTy0x9qk2ToT4dDi5v9iTVuY7_lh-f6kwKbGPcXCZwKxWVsRGbSkndmilKXdb-znZAVRZYqCi5yjGuPXB7KvOMZLr_BoooCu_0KjCXiCFY8yvG27Ou2G-auNbnT5uo9z7iXdsKymkMNLq5BihnJhTnXaIWW5R3QquN2_8WyWeh-cqFvD81a3CMKW8zUFh_7gHSWYQEeDwpDwAPg0vw0v9zO0JWuCJAnOlDTbdLhM129MSVI_xhxoB_38zkieGvQSQ_3mBD_s_1XFehU-lAss23zU1VFbFSUKHGmjQFkqStrw3lCrqcZ6KsiLZZDHpzLMaWm95K_QHbdyeddnBTunXvLdkHJdtnZk5pPdr2ehSmZi31pw9weaiY8GxueSyH8Omhf9tKnpqp-fWMCClOEQmM9GgW3us6qzSKkfkmrNHIFQ7-sICTCoHLvDRHMMV1G9k5twTv543exiOUFaJjGy9d4A3f3kdKmlzOtwR6BdNMTqIPjuPcQiGcTNAmzsEV4x-IXAT3WoXJQFY0nYjm1GBiuQWwtbFcrUBetzgHVGOJ6lJlB1-FYh-EjZAetLLu-5nfwCOOkfp3DXKAZ0oR0JcJ0c1d4XseGkFfq0UFipfPrMRmhH7WBsrxPwq-s1zET-vn25iKWk4EtETi37-zZisa1yqUlgqbXZLZRntvvm2HUoR58dD69nYdf0u-5KKCLKLliZ4mzSDr_oWEsDb0huDuwwb8yeaP5oHdAe8UQ4hIjepnSW_I65UHgWkjAFaUVV1A0RnFnm7Oci-85pFR1ZIX2-0oa0TGNiHYrw9NmxTC1ZhsiFUb1oy_iCUG6-d7SlZYcqBQxIcp1GwzrkECA&sai=AMfl-YTf_CDL-dwS67H2W1JO_IcGMUPIyihmg-HOb29pLydeTjPDFI0L7t7tzgvm7UvaY9-N7qzR92WlaCKucjaMbOPvO2U6m9xwHS3V4GJNXKDsftt6X67ip7nik_VPfuH4Zwvvxoutl4xTRzfSgH0qSeJg-EqT1Nvaw-lM4tsr79k6XF0Gh7D4BOV9oW1dj1suvDY3hkndXBjtrRj-3UKo441AmHd7sck&sig=Cg0ArKJSzA9dbh2kx5tqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=487&vt=11&dtpt=297&dett=3&cstd=187&cisv=r20220427.97287&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 9F6B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzndFEuzNRGcmQmSQS6vXwEDdQauxwb2XdXtAahInhBO6mopozDErbcIYFeYSsv1Y3tdsQ9qiLqqKd5cH6glHr4BYWmrIW3Dp47sQ9E0QOcISdYvi7ic6_eH3MTLDFBkJkC6jkt_RMnSFAaE-drjnGAvE2xricTzDnNKuaOk9xGQqLj741K0qZf7AkuEUb6eB_9Jkcl3AuLU6jR9j_Uf2eXmlQaYoWbZetogKnItW2TrX_2zcg-ZN217_nyGoR86hKs8npMq1chN0dy_-eJwq5QvMZh2kzTCuLTKG2RBFylm56OvG-9eW5HcAZjsdPGQwkm74-nTnJlnJZNhwck9icHpMPFnxtSEa6NCbUY3zF8m2539g6_EH990Pntc4YeiBkULrKJJId54yMmE0nBd41FeDlZqttyRb7xaaOhl0b0TM017Qvi-4TKDI3PRj5_NoiDfoL9RX1WCv8VLJEZNfm04F5m-hPB9w51GUOeCNOaSZj1seirDp6pXgo6JOvhM1kQAd-J-tEAZ9fhtLGq-pC4T5K2JsKAuocLlo4OJizZANqvGTGHwk09OZiy5XYHVO3lwwCOobWUaz-kBTTci4ntG6O-ZoQZim44qDmfdv-FoyGKcQkQOKKkwQwU4FvxJJZ5fBsmz6Aj6Ay7E1JnFt-BeC83zdLAU-CS9bfEIxZg-txvfPLlPasXoAqm2Wwa3bx7QznfULpcRZPyVYfcvt9cJ_0EXNVV1f6xBCxpYE2EuctEQ7gbLQ6jxVwWmtOjnBxdEh6rPO37GbftEX1D4hWoPErNN9YMn7RAv6wd0mUy9iYuYv_MhBx-YLZm5TVjrxCIVn9iogoXcqk-ncmfpCNthkvq90xfpftiUrhpUkA_AaAzBoTR1alxrWSFVfZqJSQJgO8PPqmdg8zQAJrcnwdtVPzJ0J8M1mjbWq9PTebQ2w6P3surIrgZRDAArbKxTVIiQT72mLqf6U28jovBZygQ06XKDswOVbnoofAkqMOIzF19VpnBahA-Xi13nQVbO-GhSWPCoa79k_ffMTzvdafiAmBqZZl5h7VPXi98Mez1CWYEDtL1nZJGIp1kejSjm9WL5MvJ5ibOrXHxEPsBloFuTLE-tZJD5XXojs3-ni7e3iNWNRhnTfW6X4OVJjDYY58dwU5hu6f7jjSf4x5LO7BxiFqAo4t-Q6sen0f2DIfrwTvdhj9D2M&sai=AMfl-YSkuSpDnzGyt5BfCQN-QZJROuaxEshM9Tzw4NpLbYHsWxd3ZStaYVxWskh-We2FZvidoYb2nu1OtWBkfjOrekPD0XBy3Vcjw6Lo8M9ytSe8reNPv9At4wXHSfAh26TwJdx39NpcKJjoDC1enXl9NApvF8Qtycbdi-UvwCahFgOdj8awTovYD6MA5NrVwBYZ3Gtp64IWsnyHkXj1_wkcjgCWSr1eFyI&sig=Cg0ArKJSzHccksxQv9d4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=512&vt=11&dtpt=322&dett=3&cstd=183&cisv=r20220427.56396&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adkit.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 8660 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 22:46:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"257b68f9ecc3e5a28f10fd241e580d02"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
22930
x-amz-cf-id
vQLY3ym_n7F-zxDRS0U8w4gWWVHfy3OCaX3m2glknZbjIaSMDvI0BQ==
adkit.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 57B6 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 22:46:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"257b68f9ecc3e5a28f10fd241e580d02"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
22930
x-amz-cf-id
vQLY3ym_n7F-zxDRS0U8w4gWWVHfy3OCaX3m2glknZbjIaSMDvI0BQ==
truncated
/ Frame E1AC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70f19923577630c8229e44ea4087938a33048173f1ff2e131799266d688e9e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 8716 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 44E5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 13:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 13:02:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 44E5 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
817ff24cc14385328aeb2c2d8791c71a00ca86c8c8bf10cb7f5c22ea45e94fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5633
x-xss-protection
0
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame D827 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame 9346 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4879687d5f38f71840f8c315bbaa3403988c1ff05f74b8d7f9f63217a4efe6d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
WeuRdFonru35rvKOFCuP3c1BZly40Qni
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 08:13:10 GMT
server
AmazonS3
age
72862
etag
W/"4445499833a130b772011ba81f226898"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date
Sat, 30 Apr 2022 08:13:20 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
wb1NYkX9YGV5e6yvVnE7zxAUun_vaXDFJAnFkBNrR1vAluZlCcY_tQ==
adServer.bs
bs.serving-sys.com/Serving/ Frame 6EE9 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1086505979~~0~~1076818614~~6066929791786573377%5EActualSize~300x250x0x1x0000x1x0.9984x300x250~0~01020~215$$&usercookie=u2=fbaf37bf-cb69-4059-b9fb-dcabe455083a&rnd=0.294759599038972&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame FE6B 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1086505980~~0~~1076818614~~3115928161257592550%5EActualSize~300x250x0x1x0000x1x0.9984x300x250~0~01020~185$$&usercookie=u2=dda626ff-1a28-4716-96bc-f1491abf4ed4&rnd=0.3041602508586996&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.8.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-8-244.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
boton.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/boton.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
31b57cced8b5126b4f8ce6063b0f2ea7174c2bf57af16a536b959e63b23d4154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
teSeeg3WtKlq9v8gtMdLqctZeEJJnR5H
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
2SXBF925X4QW6DQ7
etag
"f1ed2d380aca5722e9578db592c53ce5"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5830
x-amz-id-2
16qx/gXhf//+DtadfTOEGpRZGzxBXeTFEUU6+UkF1QJ/co4251WYK6x1nxW/LxyGhH10P6yVH6I=
expires
Mon, 31 Dec 2035 00:00:00 GMT
claim.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/claim.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
73a50b6f3b628120b6f984c37e7e74d9ba25576d0db9fe71935cf887da45b250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
eFsaOs4Y0Z3e9cv_sx_ETBbfklNgvyoG
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
2SXAMVB6AX672QAJ
etag
"7970acc89343d928617c0dbb426c2d75"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5354
x-amz-id-2
Okm5wobrGMTRqBYN+g1zpF20lo09EGnl4e2Y+RFJLw8BEYxroxWDM6zPTaxsZGnue2FLCrpJsJs=
expires
Mon, 31 Dec 2035 00:00:00 GMT
linea.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/linea.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
8e18cf5d5256fe9f9b3352ac3dc7e1b98fcadf1e8dce823a44b1c2ba8b376e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
PsvuV5U98y.Ev3vSyE0kLNosbv3bSzN5
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
2SXED88DJVAMAAMS
etag
"0bf98125164f3f35b3368fc31c43b820"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4302
x-amz-id-2
f6iKFq+X498etA75863hl46iAvc2VMlXqq7tlNe8PxIVwlN3NQEP5Ci3PdRG/aTjGu4QE8PJwfA=
expires
Mon, 31 Dec 2035 00:00:00 GMT
logo_menorca.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/logo_menorca.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
01b56286bcbb811853dc20ca78706e4a9657dd4e07aa19f893ab7d3e0ff2259d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
E_SkYf2krrqd1Xn70EJeNpd3o8LJQCSq
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
8FYJPCP2G4XQVBWT
etag
"9715943320e55da53c0150b0ae1ec215"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
9615
x-amz-id-2
qRrMvI1pIWHN0r/SWRgDkJKCCpWT07ZSzbq6RO+/9Y12ZVXs5rqcVAAHmyrH6/+my4tzvTkWJK0=
expires
Mon, 31 Dec 2035 00:00:00 GMT
texto.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/texto.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
a31ee07bdb33459b639c2810db71e1c79d153db6a65d58bb1627b89efe39c343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
cIAdDx5WShN1.j60V70Lvd58QM3dvFHq
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
8FYMB6Z1JE0ZCQDW
etag
"23e606a7b5e4f6f32a845725a197cb6f"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6693
x-amz-id-2
iEERA+xgSFzL5b3jZA1J2jFS6XLo8pTBL9CWjTtydTmeW5/DOcb0aR83AVoQZlGNSjEY8o8nnFc=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_03.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/titular_03.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
658f5a1d03b4252bf444f01f270804714aeb52d50c5ebbbecb139cffbfd5c5d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
r1suc.uVxlwZ1MD6Q2MNc.6vQiZ5TCbg
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
8FYSC3NGSD1JH6JE
etag
"b1007a620e9e5e5494dec1f882cb6444"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5470
x-amz-id-2
gTGZmAmtWrQQ2L+hg2V08imO+nllikFx06hyIq8jF+dTF3qhUGfuQHu813vJsVtCE+z0eDl1B6M=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_02.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/titular_02.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
b123247822002fe5ab01c7ab7f626262883ca0713b79cf1eb0979e7526b1a488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
UtnzAVMYIHvHy6L42j2Zkj1svQMvzWxw
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
8FYGM2XD9Q6CXWFE
etag
"fc50053d838e98cc58f67d7027c428dd"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
14106
x-amz-id-2
QRn0IteXK/WaOlku+mxpy7e22YIAVk11JXvd9qsdaDBGcEav7kXPEz8g7yfCFH5qoEWwn2QsunA=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_01.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/titular_01.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
375b5a17e2fb4c94819609c1fd75be3c1d495ba2917787690e8a60cabd37d8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
VdP2FqRKGFDSgalj4LliAw5raH5X2dS9
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
9W949HWB6AQVJWVB
etag
"80309a34c7b7abd00572093e8b22b9f7"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5878
x-amz-id-2
dYCn2pGg7A2vLkZ6x3LdjM4nlq7OtDzBxJrhOnuGSKKssvGD+Lx2j9VPaW3IHy7iazp27fVrzs4=
expires
Mon, 31 Dec 2035 00:00:00 GMT
foto.jpg
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/foto.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
efccb1181f94d629db5671744538c5ed80ece8d5f684cdc2b4fb2353c6f4509e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
qd97C42zg_mO8Dl5XpEE6ewnT_nDFFZK
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
R6NQV3Q8N6MARTCS
etag
"b86a8a0666106fcceb13f2bb8875eef8"
content-type
image/jpeg
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
36837
x-amz-id-2
nJ4upWoVqB/2XVJ5UlOrcK98YrurxuFg+XsYvV9cYor/NpTK5L7F6rkBgh/TmLn+3k1kumn9R4k=
expires
Mon, 31 Dec 2035 00:00:00 GMT
boton.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/boton.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
c1f4c422e115e1f190b663b010a92ab8f0bec14498f898977174119d3dce2b4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
KJUcC9EzyxOmmfMWfq7GHqTqulgXg3S4
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31WY3XAG9CZHB9Q
etag
"e87683dcd553d3205002a6a553664dc5"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5992
x-amz-id-2
F2aIshFOwoTGpTcg5QJOWsmNW6h1CLS+jMlV+TtRzk15AeJk1ESd/gdr3sFifMXGk1H3kwi2vDw=
expires
Mon, 31 Dec 2035 00:00:00 GMT
claim.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/claim.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
8c4998e371586b5eaf99d433ccf82d26ead0770f2b9497067f09037fdcafa23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
mQsOW5Ee4lvqnnFlp8I1dIL.jk4eib_5
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31N82H06TY4GAX6
etag
"3e4de60646f701595472bf35a961511a"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5354
x-amz-id-2
wmXZjLNC2jIGe/Eq+N0eLy4dlylJYRu2NuVCU8+pv4NT7cJJ1spuK7r9hRC0ts56tQHb0xkx210=
expires
Mon, 31 Dec 2035 00:00:00 GMT
linea.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/linea.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
604e756cac3d6fb6bb83d57f20bdd33f9ad557b405adef04edfabbb8edab739a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
.HOwsBes4hRb7afHL1r_82eGWN8SnOpS
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31R8EMAJ5GCGBHA
etag
"dfa92fd4aab653ba5f30f3848d7a4b6e"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4302
x-amz-id-2
gpp9+nYrkBu6G1ALQ1AfpvXbWHWPu7+vPGMbyELyg9+IwofLx0S8PIrkBq+9w7An0ZKigp/eki8=
expires
Mon, 31 Dec 2035 00:00:00 GMT
logo_menorca.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/logo_menorca.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
214653d9bf3d559a60293ffbca1a64f6d18243fd4003abf30bb17fd02150fe77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
wNEcMY5qc8E3nMTYvx6iviNfG2NTJWqd
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31TC86AHS9G91NX
etag
"aad23eaeab0cd41989c2e8ee5aaf08d7"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
9615
x-amz-id-2
jqhxz2+8mg5fxBIVjRmqdCKCXa5GGtc9jQKjcV/FxOC45Y/czaf8it2y8sNWN0czcakCGcVRNV0=
expires
Mon, 31 Dec 2035 00:00:00 GMT
texto.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/texto.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
3d9506e3741d9628c39e69b189dfdd45109d7de811ab0ae51adca72f4add3081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
F4Hi3BXIVoqoV3Q8XObNpzlO6kqHD2Se
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31TQVKF2MQ7Q9R3
etag
"59f2bc440111ca11dda6cd88ab57f0a9"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
15404
x-amz-id-2
NOCdHlTcdsFIfaZvSoIurWZ6itgyKCh5kIrTM72bxLkXXkqV2d+hj2Vd/xvUpAarWNNCxeOTeow=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_03.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/titular_03.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
f1b1557335b5e08e96c3cb1eac7dcffd986b742766bc445b48898ec68097afc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
4LpPZsnzJaPdvjoyXwW3EcBXY.E5e9qD
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31Q41Q2VX1TV5B7
etag
"855a6abc08e0dc8f8a4873568e901026"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
4280
x-amz-id-2
Hlv2/x82VXPm5qq1ZlV9Br3nYBQY9nr1ilRsmQ8f+Qx6sydQnZVo0uVjKQ1eHRXcKT7HZ+PSH74=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_02.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/titular_02.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
ef53f6cb96c4bf59cb697b4297baf02b95b2edf3bfa62de42183ad232ff85187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
2Ch.Fx.rfkn3zzK6bUPSibZSnLWGlCpi
last-modified
Thu, 24 Feb 2022 16:56:28 GMT
server
ATS/7.1.0
x-amz-request-id
X31N77DNXET6A764
etag
"331988bc46a0535b0b4804d980f20186"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
15152
x-amz-id-2
crq88ANSnvt0U9nJdnG88TLgafu3bcO6qvKgSO4FmuMe/6bU/IwqDiUBVlArAOTy1OLpzcasptI=
expires
Mon, 31 Dec 2035 00:00:00 GMT
titular_01.png
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/titular_01.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
a3b6aa5f719b969b5d843f5bb615948667b0f716676ec474e90bfdf46e3b14c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
tbkTaqzYxNjW9T4SgUrRIXO9qGZxta0_
last-modified
Thu, 24 Feb 2022 16:56:28 GMT
server
ATS/7.1.0
x-amz-request-id
X31SA92D2FHR4NHP
etag
"371435ec4ab5df0362313ef52d39da9b"
content-type
image/png
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
16543
x-amz-id-2
OL6DcZ11TLqzCacRrbWjXuaBoOUNWNQqD6NlqgbVZb2c4gpzbAQinXUVBEeWINxD3Tt5gLhzpOM=
expires
Mon, 31 Dec 2035 00:00:00 GMT
foto.jpg
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/foto.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
542520da967ebd7a88f4c33785f5a293a692e5e302a2a0705d338a915f9f5dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
jPdqhjMlhJJcZVmIl5mZvzAJIeU1Jvy7
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31W7ET9QGK4K64E
etag
"0dec6d88aa7d8696de6aaf1269f345a6"
content-type
image/jpeg
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
30905
x-amz-id-2
tXyUa2RgU4O7+DLP8pST5DWEG5G6LVQppmRSmn4p3UKQYDoGrmfFtR6/RIkBACFhi8HJ6zMhKPQ=
expires
Mon, 31 Dec 2035 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 3B2D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
907349
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 16:25:12 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7045c41e6db95a3d-MXP
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 3B2D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59754
x-guploader-uploadid
ADPycdsjbbGwoClAviClI_b-RVGsj419bRsgc2aQTBcPeuotIInjk03xCTJ5ZFya9lTCf2IXRkywzizAjOFu7NjVd8qPMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inpR%2F6YhMZILKRW0nm2%2BRb130T1EY7KvH6dHdnGNkuHQ%2BJvyuVEyVQlZs8XFoTTfiHI%2FLJ0N87G%2B%2F54r6I4T1wCJdds91SlNE8odtCN5PGsRZq%2BOxZCtobmpRA70OiFPpM3fwyM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
7045c41e4ab43754-MXP
expires
Sat, 30 Apr 2022 11:51:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 44E5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:41 GMT
config.js
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/ Frame 8660 		11 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/config.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
5jqFAmbfbbE7VBFQZKBB4JxBKXWycj6n
last-modified
Wed, 23 Feb 2022 16:07:31 GMT
server
ATS/7.1.0
x-amz-request-id
R6NMP7BDV7M600S7
etag
"9b623b63a22644fd1a4bf2b3af3481d3"
content-type
application/x-javascript
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
11
x-amz-id-2
sgwLltc+Jg6Flxqtuf0jE9oNqJHkFQmubfnfE4mkN2drREBNaA2in6RLaXtg4dVwl8RcJFHwXXs=
expires
Mon, 31 Dec 2035 00:00:00 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4879687d5f38f71840f8c315bbaa3403988c1ff05f74b8d7f9f63217a4efe6d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
WeuRdFonru35rvKOFCuP3c1BZly40Qni
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 08:13:10 GMT
server
AmazonS3
age
72862
etag
W/"4445499833a130b772011ba81f226898"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date
Sat, 30 Apr 2022 08:13:20 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
0R3FiEaDai5v6UBQufPg6cT_KbbfnYDe4X8FXbLa4AxtAHXA1NJfow==
config.js
secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/ Frame 57B6 		11 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/config.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
ZR0ovb4M89FOrQdIYo6kh978lfK.u7cr
last-modified
Thu, 24 Feb 2022 16:56:27 GMT
server
ATS/7.1.0
x-amz-request-id
X31PPTY1QTP9FE7C
etag
"9b623b63a22644fd1a4bf2b3af3481d3"
content-type
application/x-javascript
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
11
x-amz-id-2
b+cO4apQ/6HTTsCvOLmD8Lxow97FwJWeigHIRe7iEAKkW3NzlGspHXXmjEljG3if6fWyJ3PETdg=
expires
Mon, 31 Dec 2035 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D36 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D1%26key%3D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128777
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 01 May 2022 04:27:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 02 May 2022 16:13:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8202 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 May 2022 04:27:41 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
avpb6.15.0.js
player.selectmedia.asia/script/6.1/ Frame 3FB5 		344 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
282e6548c56f8ae5d6c8eac90942853dabd60a2c5d332233cd564e870b223e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:41 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduVo0aT9LNQ56VTV7vwhTmog0RBFXEiprIRliIHTr8baBQX-ZjGJLevv6p8iDn59wNJjpqy2L0dumYgNHHFYJFO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
104578
Last-Modified
Sat, 30 Apr 2022 11:07:10 GMT
Server
UploadServer
ETag
"06757336219c6d8c7306fd2eaeb24d3d"
Vary
Accept-Encoding
x-goog-hash
crc32c=26QwyA==, md5=BnVzNiGcbYxzBv0urrJNPQ==
x-goog-generation
1651316830609059
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
104578
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sun, 01 May 2022 04:32:41 GMT
avpb6.15.0a1.js
player.selectmedia.asia/script/6.1/ Frame 3FB5 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/avpb6.15.0a1.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3f299277f3369985616a54567b4d94b6518dd405b5ab7394a5d42091980798ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:41 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdtci6wrtD3kCFE1SFA8norwP8uz4uqCqDKepWw8bA2Hg5fuF1YKV6IK72XTm5k-NsoYHFjsmAOjKt3-BZJt3bVloXTbKRAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
19259
Last-Modified
Sat, 30 Apr 2022 11:07:10 GMT
Server
UploadServer
ETag
"c4c00ca312ffbd6d4c1166cfd8ec8385"
Vary
Accept-Encoding
x-goog-hash
crc32c=4N+gsw==, md5=xMAMoxL/vW1MEWbP2OyDhQ==
x-goog-generation
1651316830567341
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
19259
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Sun, 01 May 2022 04:32:41 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3FB5 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
476
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1PNDHHP7RV6BV11JD2J0
date
Sun, 01 May 2022 04:19:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hrzOHstZJ4wAlGpX_XhBR7omHMv28ikzjnbZgKyAPsq2ciBAfC6ASA==
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=request&cb=1651379261227&asid=623daf9810ba54791c251d39%2C62459a9a0546da6efd2c8e08%2C613476638d66832318703f04%2C61769242e6ba0465685a0084%2C61d566284039f6201a7b3bc7%2C61f27d6798c38c4651179ae7%2C62208fddf3f8cf0965576d95%2C620290f4539a472cae35c509%2C613097796588a4043247f862%2C61f7a1ed31362927237ede55%2C623075011246244f112d2344%2C6139cce9d1a4d007246dc416&ofpr=%2C%2C%2C2.38%2C1.88%2C1.5%2C%2C2%2C3%2C2.1%2C1.8%2C1.7&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 44E5 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:26:30 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 04:41:30 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 44E5 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:25:25 GMT
x-content-type-options
nosniff
age
136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 04:40:25 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 6386 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame C6BB 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29773
content-encoding
gzip
content-type
text/html
date
Sat, 30 Apr 2022 20:11:29 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-id
Z9VYweGLPF0JcoZD1PZbsptMskWXyOE-rFTMBZXH-AIu5mJQqM3U9w==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
EBLoader.js
secure-ds.serving-sys.com/BurstingScript/ Frame 8660 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a09493f02c721c7da3e052ef25b795e29c2de806cfc9135e0bc7a6710134c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 16:24:29 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"9f451f9e840353f1c737dad023522454"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
3713
x-amz-cf-id
XJjwnnFUBgiCc23YifEQji_Hhup6Ovpx7K7v8LcvFSsOXyGpLeeK2g==
expires
Sun, 01 May 2022 04:27:41 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3B2D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 01 May 2022 04:27:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12881575
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHZqjEqCSz9YB%2FynK7ymNgKaXOgh5nKNOg%2BW1L4jd03UNqnIVMJwp6X66kHmwwTzUxTbYrMbeH9uPVRVejJmChy7sHppM5RQ9ECdCS8YHvtdUOu1aX9l3BwqmJRVdgJ2uBH%2FJ4Ms4SzcLo6o3D7lqdBX"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7045c41fb98483bb-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
s0.2mdn.net/4528404/ Frame 44E5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 12:04:25 GMT
x-content-type-options
nosniff
age
58996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 12:04:25 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7D36 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75137786&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:40 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 0CD3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad57643b8e4803bc348012d53eac978b3415de5c3318b4e3a43739f27b366ec6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1619
Content-Type
text/html
Date
Sun, 01 May 2022 04:27:41 GMT
Dropped-Udsids
241|39|230|46|196|218|31|65
Expires
Sun, 01 May 2022 04:27:41 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
EBLoader.js
secure-ds.serving-sys.com/BurstingScript/ Frame 57B6 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a09493f02c721c7da3e052ef25b795e29c2de806cfc9135e0bc7a6710134c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 16:24:29 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"9f451f9e840353f1c737dad023522454"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
3713
x-amz-cf-id
XJjwnnFUBgiCc23YifEQji_Hhup6Ovpx7K7v8LcvFSsOXyGpLeeK2g==
expires
Sun, 01 May 2022 04:27:41 GMT
frame.html
ad4m.at/ Frame 7CEE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2168472
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7045c41fcf205a3d-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 01 May 2022 04:27:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 01 May 2022 05:27:41 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCKUNR97oZfyYUfn64rLZ3QdiL7qIZfVblAlEUseG13Gklo9%2BXSayfB26s3glskWYoXDgLmAxThUIGVTmmaU35MtIlYGcHNU89wbq0l5XYadPc2WJ62dlLVPULnTuKWv5LGCCCg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:41 GMT
server
ATS/9.1.0.46
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:41 GMT
server
ATS/9.1.0.46
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		212 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
dd048e8ef6171650aa358c739fd4b3edb8c886a4c04df73a745e268748585fdb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:41 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
62fe164905b076da2afe07cbc78ac94205a1051607dddf37aab5316e7787c084
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:41 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
80e0e668-ef1b-4c68-a70a-c225574dc24d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:41 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=711670&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221136ac98165c6f4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127c00eccedb193%22%2C%22ext%22%3A%7B%22siteID%22%3A%22711670%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22skippable%22%3Atrue%2C%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A1.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%22611eda6c0903a33c051dbc64%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ede4eab1ac646c566e7b85a73b9f7c25ca917a17545a47985bdc9e84264b5db

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 01 May 2022 04:27:41 GMT
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.15.0&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&tmax=7000
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.39.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-39-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
config
c.amazon-adsystem.com/cdn/prod/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6f47e989e3efc48ca7951f0d73e88d48116bb57bd39217af1c7d8529c58d6dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:26:55 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
age
45
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
761
x-amz-cf-id
cW8A6qnjckU2VhH7d7G4h_M7XOVrpJgh_e73kiUhowmX7BBf8W1H3w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&pid=d0zsWyg2Jkob6&cb=0&ws=0x0&v=7.75.0&t=8000&slots=%5B%7B%22id%22%3A%22SM_400_300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C611eda6c0903a33c051dbc64%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
7XPZ0JGP246B8SX4ER0A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
0Bw4tJxJ5Yqzq6IlHBqGm6HEaowr_qxf-VrX74ThjivRCb8ovpaE5w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
2179
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sun, 01 May 2022 04:03:30 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
tWjsWVbb0NQsAtugjZGA6rKEwth6nVhazqsPyg9VPbiZiBRDAzszKA==
mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
s0.2mdn.net/4528404/ Frame 44E5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 12:04:25 GMT
x-content-type-options
nosniff
age
58996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 12:04:25 GMT
EB.js
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_147_1_0/ Frame 8660 		80 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_147_1_0/EB.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1c6e3e5c62149a5dccad432bd6f84d3d2e0ab9f82b34856384cd713de62f77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220223/1076427015/69014232065122716/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"5f1fea7e5f4b02b9cedd25bbc8d99f32"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591098
accept-ranges
bytes
content-length
28113
x-amz-cf-id
-YbEAcYdcTBBT0OSK-bIvHhjQWV57x8HIlZ44ZPfILyWGWWs-rKBJQ==
EB.js
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_147_1_0/ Frame 57B6 		80 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_147_1_0/EB.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1c6e3e5c62149a5dccad432bd6f84d3d2e0ab9f82b34856384cd713de62f77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073744207/20220224/1076429205/69038213283458315/index.html?v=_2_147_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 13:01:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"5f1fea7e5f4b02b9cedd25bbc8d99f32"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1591098
accept-ranges
bytes
content-length
28113
x-amz-cf-id
-YbEAcYdcTBBT0OSK-bIvHhjQWV57x8HIlZ44ZPfILyWGWWs-rKBJQ==
dcm
s.amazon-adsystem.com/ Frame 0CD3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MFSAXRR2ETTVGR0AR75R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WG5A2G3MZ13SXKX4062Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0CD3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0CD3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 0CD3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 0CD3
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 01 May 2022 04:27:41 GMT

Redirect headers

date
Sun, 01 May 2022 04:27:41 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ibs:dpid=23728&dpuuid=Ym4MPFKT-l8EbcsviYHnjgAA%261191
dpm.demdex.net/ Frame 0CD3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ym4MPFKT-l8EbcsviYHnjgAA%261191?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.107.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-107-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 0CD3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7046656612074283696&uid=Q7046656612074283696&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:41 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 01 May 2022 04:27:41 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 0CD3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651465661&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651465661&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 01 May 2022 04:27:41 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651465661&gdpr=1
pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0CD3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ym4MPFKT-l8EbcsviYHnjgAA%261191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:41 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1687
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:55:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A704 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA3pcPAxuYuHoFvKP9u8PlrSGgAgAAAAAOAHgBAI&bg=!UVKlUhbNAAZNIUvJbSE7ACkAdvg8WhzqqVG4GubLUG9JuettLiU8N9I7dEON8BaPjjczuyqewefbHwIAAAG6UgAAAAZoAQcKAF3SXjjf-Xtdmn0AVkdQCLcWtRQ_xYdLf8ex278cDI8jv8oecM1iIPiobiPZihjlJE4ZrIr3lIkNbNBfyoWZHFLohILKODSlwnYKWgwSKR6eHShFAiKU8B8zefrYve-ZAz08W_iprEp5GDmZykUB9SiwG4X8boIKHccMQkXBSDvXLL7A6-MHNbZ6tWCqLiq5crirL8jXPF_GcNkWYSqYo42lPn14q365aKD9rPiR8sf1RId4AuHzuMUI4vGII-D0iVaYGlAAlCcTPSbX3ttSB9gDKlcYD2U25nIx-LkWgT4KduiU2TQO2ivuf3Ezz8DIfyXV2-xwBbFAWTBITf2tkDjqzKgeuCzKoad0oLUWYuSf5h55Fu2gBb1wnd7Q4KLjCnlplYPj_NpqLsHg_nVJVzEf9Z-2iQKthYH7_EWxIujk7YTVwbperOr204gqkZ6NgfvlXCt6hHj3NyvnYrmvIgYwebyttexLXEUck_WMvH3ibw8PyMHqx0F5sX-HfDHlN54brMNganKwokqXTAd4DRkxcMrZcQyH0Gu02WNI3XwGeOCecYNahFShf_fBb-tACWM-JKf9sGTICagK-OGXU2SkFTEQs0cT_5uuqcdN_CU9YS-2GYy24K0AW13l_8OjVhhE5AdUFDP3H79TxUF6wgvhk9Uv3SsU5XWyWiZdQFPt9fIj1B-Xf40oZEPpqKmyogc1HZzDCa0j5lzLXPhiOJkBgkWuymcr5FolLEsNrUvwgqU1zJy852n9vdPGcCRF-QmwLrM4QD9dDfi59zGd3OWe15YqOHJ1mv3L8NH9aI9GN-d5xtNTAvkxUNoQvYTFTudxDqlavLlPmPAeHsKLheOU7ARtnPEBtmSamgI2OVEI6--uiRFX3ZWsyDd5weeFUm10-GLLj0G2tGvpg7kjYHnxV9bOw34_bO9VBBn0pgxEtzs0_s0jDpIsFxdxQKH1EhlTOcOVHDvbUL4qE6v8F2CzK7558x5bXC3x3Q1U8-2zRdGopwQPuZNHGFR2vDmSBXiIeX612E0IiExaHMPj6xa-uN5__RJQCAimweHvHDjPF974KQ48m2C38d1X90D5AL3b6hiyO_sgCtCA37vaQiA-SXcmPblPs6jL_KbQzARNhESFQvvYfyCZIRcT_YU6lhNEr-kkOcL5C1n9ZksbHAaPLi1WwZRg0c2hZct5ELRRDThTBRUD-DlOS8dihIxKw0RlQMizaHgWob2qDC3a
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aax.js
c.aaxads.com/ Frame 3FB5 		576 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAX14O5G1&hst=www.123greetings.com&ver=1.2
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d5e7fe037bb7459d1b87636aa59d5dc856b6ff8457a00e18617ec40fb0a87bba
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sun, 01 May 2022 04:27:41 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Sun, 01 May 2022 04:57:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAF0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWWSsPAxuYvihF6uZrASnoafwBgAAAAA4AeAEAg&bg=!RkWlRQHNAAZNIUvJbSE7ACkAdvg8WpmhEh8d3IKpb2mHBo4VHlnCkUmr1EqB8jHWwNLl42ki7wP5oAIAAAG5UgAAAAZoAQeZAxt5MkGFBBRmj6NoG3tSOlcJySP25moOJDykCZz_DqZ6X40lD5Q4CCjrtV4B9XQz5Ypx6NeT4ZUwYB9lOxipSoYj2eLVwmaiLAR7CMEyDmJ0d342LvafliFIjDvXutudVbx3wns2lDrqTcdoCN3B2BEHJmFM3-xtxHQGdd9L-Wr5RMWlX20S4RTQRPPdoc65BaHFlrSz-g7KmG7mLW-sgh6WmKOZNJrwaOFWfZQqJMcErruXQmZ8Qux2-8KRSya4qnvUlPZ2GdwjEloAnW1W6D27_eUzaF7QZCb6mD8rj4cJE8LzTZDPC8npOYTWEMppg3zUe2KeSL7pRi3fYFXhjR9yEEHIaz4W68gRxqMepRvpBtb7XQ8rrnqdddBDa4zP1cNx6Xidb4b3pSLtfEWol4pWDd2VkB0kYSSiDY9ZTAnVZ3PxLxCCkKRJw4LS-NkHDTJ9n3Qabv2iNYFlb8QlJsZqQtmZMEiES_mBpEEE9Fqli4LlDdVSiXvL4_y7wIu5q6vbfgSL74X82jwf4sTDZZg_in0Mla92HHfq7HSo8ZT-y7AsAZi0FQv_5NPiEr3TUMhFgsd-apkWIdTxsZFv_B1J6pVZugLubzI0x2VjKtDocBOe7LHqDVkcDsoTEY7AnAbZtdPUcTXXZh-0z22vhKAF-DG5oiJuzUtuMc1C6MnHTUdfIa45k1H7pgMZ2omVu1hXzXRqgAQFLrubYt8TJJTX-FSh69o_FTBTObjoedZfVOx9E7S85OAgJCgCAb66j6KDlxr5oirY0rCOvdtfygoyvHnDOOhSo0CY2AAc_A1iKZfEGabd6MdJocveGdhLWqLdR1AI35ycrPFSmA48AKPIIqtLGPjWkKyyPGJ-602_R6MmDG4QTjZxmrKXzODI0Kywm7Ky3ZFk8yFT1l3UsQOKBx1_UMnhDcFPhlRFxi712pLax8eyALrnnenjtXN5cqY8y86xhJ5kAWXzlCFvokZMFU7s5Juzs9-60h32NbHFotDWv9-FfRoLQ-lK1Lz6kyJDSOpCKl6_ui_mn754s3ZsFjGuy39AnuPukWA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FAC3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ6G0zgSY9IOiLiEa1I_kAhUXu1aXDzMxWD4AjpSyD6mA-XdzUarD8VN71_eCwz46iSULqCmyryWAf54TzKkY6Ul1XjgEgR-5Ej744Pbq4l3qGicp5-YbKgB5ErGtZzPxbQjPdIE2jpiY6RbjCKgz8kt8S0VATLNbrNa60X7990Btfy_ne5KalAYXmoHt8MpkpU8i6vGxU04ZqBGsuoQodxDOwG0500CQ9Qfoc16pUgPDkwR15TCzk9mQdRj-n_izx_R5LMkCWOlHRpw2rXHQE6bTXypYFVZUePX09sfUJEQfiFx0Rl9I_VvHZFtZtJeKVrzhcmbca_mQwvEpUTnWQJqU&sai=AMfl-YRGz4C-N28eAvPUYUQPBPjhi0NtWCnJ2icswc5X2Vwzbl8Ct4eLKeu_R9kofLxWF_rqByH--kXBPmAgRtg_MM-82ImMbxLFBb3LDwUx5-5ADUQfhmIvL1QnO_Va2xEcLg&sig=Cg0ArKJSzOzAuAzBe8xyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 01 May 2022 04:27:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FAC3 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beb9d01b9c9ddaf513e7b662e9df1a29aaebb459523ec403ea4660835842fe69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10645
x-xss-protection
0
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=Email2&browser=chrome&utm=Email2&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&eu=true&country=DE&hour=4&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://www.123greetings.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
qfZBlSHVWo4QgUpazfgWU1Qk4TGwwSXs49E6k1ax6EVII3uR8Hn-2w==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=Email2&browser=chrome&utm=Email2&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&eu=true&country=DE&hour=4&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 01 May 2022 04:27:41 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-id
E2IP1QmM4g2DgctFNpZV2_ORX8XavkCRs5h7qcc-4nydrMqu-CBiEA==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FAC3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31067322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8716 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1_tKPAxuYsbDFMGy9u8PmpCx2AsAAAAAOAHgBAI&bg=!cHOlczfNAAZNIUvJbSE7ACkAdvg8WiaNYKeZyvbTcYMc2OxVqkvmInFpto6-L197SkML6mNIfuA2fQIAAAHSUgAAAAJoAQeZAyzYHahNsg1wEEuaRKm-D5ynYSeJY_thXOfpLw1Gy8MxlwCBY3f-0juxMAE0SeT-vnAKU6BNm5YvUNaSouFP8zcrDEE9WQ25nItDk39XJSjuHdI5eqgKyueFR9FwI854WXwLNS7URQfZfcphcvd7LxpSi7K9NnAzbMj4ZV2WQjd5awmdBRVuWe8y_brSXFHL_47gyH3dnC0xM-eZCTZ9Do8dUK8YGbP3pL8_Ld4MJhgoQF6RpZxvgemNjESc0Llgy1NNEQNUIZFolpVC8N0okU5jx7Lr3-9Kzq0f-wwRnsjt739gSGzqwurp4oe1BEN4Z3Pa6kVnVt9bEAGCEMh9RgfnG-WYPdlQWyUS4AWeNnz6r7tD4SIrvTRa0l2txRTAI8Xl7yRVBiRka8zAnl6Yg22jGW25lL4ACTi4MdyCIfwlXDYwIIyqU2gCVmrfpLuCuPojwzGXxbur0XUTzQol8Eoq5nWPS7e5tNynUfRb4VuzF-gwLkLPAfC30kHDFhWq9eHgU4yprO_jJ_RczKZHHzXfXFAL2YMvAiL8N6hSD8o02ABgK0gTiNyIbFiGzx_1GuOyFkTultZTOXsixQTgB5Bzszf-4WpMOBc3JjozCIrqPTJ1oBqVcjZIO2InfYvEGwH1YVP84LXiCdry369RA1itlX5FNyAHUaFceZk3tzCcqY6nfUU54jHklM0Uj3rawOjch4sEmznD_a3mJ3JhhjIinISHsyEwq9Bv8tDThb2C7SmX09lVHQ2pG6aJ6ctHRex1MwRuNlgWwGfrjqNJBv2WsF2YtkRULpf8-U4rZftVGkhe67UTP_qyRky36kk87-BaZyjSdgIMKmr7mG92yxmSA-po7tsJZg8R50A-1LXHfUjcEHYVMdRlVYx7pBUgVY5pmIHk43EcJUsy7bRhu2cyFTN2OFJXJunDz0qOT8m1OGayUfVOm3Uu9wqN3kZ4cQCxZw-fJ7D5j7_l7pcQPnrsna9mdL2ULkB6YTbgHyi-OADw5_gOwXayyyVVDdGbEEXXSSKcRHzXNilQXXRzIeRWhv62zR3qwh_AM88Kqz7QpCjCOAnu1Pz2MVUnCg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D827 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWglMPAxuYt6uGPiL7_UPw4O34AQAAAAAOAHgBAI&bg=!V1SlVBDNAAZNIUvJbSE7ACkAdvg8WvO_QHmIzrlxVtF69Xoh5YSHSVHlD7FWiDKPMbcvPA_zms7ewgIAAAHFUgAAAAJoAQeZAybkcwC0DRVha4WeroRsSyxD3mTqLtdDD5VnoKR8D3VThRG5enOkdLNm_Y1JqLg-Tf_UuPe5GzkuS8gAifhwy6yl33uZoKSWGbsM4uOhKZUrbxaQorhtWm00Ien5wxC-sieajFCNZnrxKtYpkAdf4dS2rnTLHcgV_Ib9l8VLIcmrg8Rk2h6Z9st6gD_CjfyXOr2ngsYN4qycougW5wY3ISOU3ZbI2rST8ekSiCW956-v2N5ekiC6RJinEBVzzp3iXGsyW-Q0pWZcFJCPlMeTe0dzNXl1H358je_EBf5sC5nBXptYrseXrClazWUg_H9WYnRyhFBzi4Six84JFMgoZDE4QILDY42pChWY4BQenkpENNhGT43ecCddG0A_2mdiV532jNUNCKh1sF0PQcQiO2ycHaqCs8-yISlZI9Uyv6OimdYiSDocJN9CEFzi0ByJfyOz9U9Gg1X1hayL0kQZ1rIqad8_gwr7FZCyY6O0BKzsRafI2ID-e-liEh3btwWVqD76W7LSaPpiiet3lTuXK6aB5nCbhK818e4SmQEJ5dmCildqAaO1C0zSt7xPqjSvEESNBfyCVWbE-VSExSDi0pLWAo4GTgUzftuEBtIhRc7ten7u124mwzKZvM5vhTd69jR83cN5P7f00RpY24AhKBqlRgelJH320069Peo4ZSOyl_VZRAgxt5VQQYrSuL2QsXpsYA_s8uOlO2YsgtRi6fj_n3Kx2herTMp8lXFqild7M_3WUGOPcA8GXWu3iZWQkdgMr4URkC-k53FzpYO4I66xsTi_Yr_nb5thh9LIx6IWKkyI90BWOh1ho6YK1--tt8UGPuc6ZXqH371KgF5ZI0oxbcR7P0PRPQoGy027t8oMxUVscHMM-3nFfmwRvUwD1EezU2YPn8tnDVAAOqdDIcaxa9UDqU50t2ztdnt6vdw0dcslzjzzQeVxaxVAsRN5Ye_seqZv_nc0WDfC1J0NjlFySF2bGIvWfYchQZu7zb-x4SNDAVsz0WB5KCrUDBdyiQnbEMw4yJAYuaMIvGYRKoZ031jQUtkbd_pHR3osQR5bgnp8FwEsBg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 3B2D 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea7e06ad57330f892e2474399d24276e0471f3cc4fb5134e49ee00a507cc7a0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
7045c4220e19f923-MXP
date
Sun, 01 May 2022 04:27:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjXBBnWrEhgWKqqCplld2SzqO%2Fne21bnZTK8QXfEvxyTc6ltzTivuC1Psmr0K6B5LeDb19aHyqyZDoRG%2FaDiImnGck6rOiL3ItOIMDo5lKl%2F709FNQ8Hwf5mpFdC77jNCSDD8HI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-lmw8
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7045c421bddff923-MXP
content-length
24
content-type
text/plain
date
Sun, 01 May 2022 04:27:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt3HZjlFeU4g7kSdwZ5W1JBIffzV%2B%2BF83pVSzPtdNlsGvrB3d9RChhW6Va1zripRsX%2BigW2sznPxvaC3AIeJSFNsNRn%2BJgoMAPSbbS50L9ts%2FBJoqtc1lPxifOHIGcas5Jedxcw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-lmw8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 702F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 19:35:23 GMT
expires
Sun, 30 Apr 2023 19:35:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F864 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ce398998e75ecd70d191947c30c7fa0adc813748f2f1ff7e17f1ef397101970
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GYqtg7n5f//B3PvJTQDuTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-GYqtg7n5f//B3PvJTQDuTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:41 GMT
expires
Sun, 01 May 2022 04:27:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EE9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthtX873FpaBpqvF0JAtTlysNrcIEEQjl7qiQAjzeNauX0SBoPiDmyzMzwnoXwyOI3Zv4XF0VssAvVzDCOFmj9G7lDbXbcXk9UwL-IJRWHIiWE&sai=AMfl-YTqKeMuNNLd9CkEZbWOGQOiCKcNhe6-rvo8HxTWQJPS_CR9HLD9p__kXqtsx7o41dfCd3vcaWzeMch7BdHdyNYo89bJoYmmazzeG66T8fVxyX7YMwxvxaqo7AyTdVg&sig=Cg0ArKJSzCj-ZRXR1DOmEAE&cid=CAASJ-RoYcIZ9jHqT-PQMO1DiQKm02cqPF-E9QX7ipY6My5zjl5HfzYeGA&id=lidar2&mcvt=1017&p=236,970,486,1270&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1127719608&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651379260206&rpt=464&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FE6B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_DdoVbRPoAFCiq9242rfNQstr2IU3GHyCMGoyHl9jLTE2WxPQZO-LzZW-0qps5pFKMZu2WfvV2PuOhS-eXPnhXzgECglNlVfJFcmGZ-OPyi0&sai=AMfl-YR68OoCfgTtXX6bq8sbxhF1tR56fk0m3YaSubRkbDKk0Fae6_9_9tZ3NDUx4DTHITJwWBWrx9NlATAqgRmolycxEBcWFiaLPV1sU5fcGLIW3ZaRaegLzvO_dvmoX00&sig=Cg0ArKJSzG9Hwe-opEpuEAE&cid=CAASJ-RowiMpgqsRl4DcXPa9szBwn5GDIJNnAkmmYuAgI3aYIVv6WdkeNA&id=lidar2&mcvt=1018&p=518,970,768,1270&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4293624944&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651379260209&rpt=479&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F864 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=1749102031733190&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pxusr.gif
c.aaxads.com/ Frame 3FB5 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:41 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=1183876
accept-ranges
bytes
content-length
43
expires
Sat, 14 May 2022 21:18:57 GMT
pxext.gif
www.aaxdetect.com/ Frame 3FB5 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:41 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=640891
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 08 May 2022 14:29:12 GMT
rar
as.ad4m.at/ad/ Frame 218D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84643fc18205b59cf0eb339124519aa415b5e2246b7950c824714a1871b53bd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gj5143v5gx64zjzxhwxenys33m7eqgba1473h47z1brcg5ren6gbnnysyhmfe8kwtv9s7etbr2mah08g6whswabfztwjmyjxat8c1a0y3f2pc47r1yqbn4h6xqd3xehkwa2p051w3rgm7wf6ngftdqw2s8stbw1s06p0c19qcehstdw51884vrpahrw4bjh7gv6ayeg8jkdzhqh7jdk323frdhpg7zxmmv7ztmc6p536xxzm071kb30tay2fey4zjpvrbz6qawg5qwchtk8etc1v192sqz3wndeam8nkyfp2fj05x8cgza89pzwhheqqp24k4fthdreea1h47frks761mk8kwbeq6ppcw2nk4dyw15qjn8kjvqyvymmn1trp5phwz55k6kf8mza3rvakv5mw2mv9jjw2verx9xw18fcvgkxh140&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%26client%3Dca-pub-4627517680249670%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7045c4232add5a3d-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 702F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F6B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv15mr_QO0MZRbJpbhuDMrkp7ke_cdJ8g378k5ltozqng-XVH_PWPxD9IsRK_RbAda5JHe8LDsX-pLf4cL3XcpYuq5-va2aSmgMJqGRoCWXh_3zo6sXIRl6dwTl&sai=AMfl-YRJuDsrAeQYlg5BBGPnq2nZZT2WS0c_QVksiT8nlV-yARFpl_QXypfTk4Zhf0Yjwa3N8_bODPh9CCzePMuqP2cUQpM5MQkOiRYGqYyE6zuCNJBAiB86v6-Ko7LDsNM&sig=Cg0ArKJSzPih62xQTbBOEAE&cid=CAASJ-RoGaGL6rRZl4SWWgVLYKY3Qqt8CkQzLfEsjeYwVXYlDIbcGZmm_A&id=lidar2&mcvt=1112&p=47,560,137,1288&mtos=1112,1112,1112,1112,1112&tos=1112,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3914305483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651379260203&rpt=557&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3.video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84e70a73f5a2305cbf2a287536de05e35eba2f82aba11a1a4e5e472088081833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
h75UB1PLPDSwk9WnLycIFPRf2tRqQwVI
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 08:13:10 GMT
server
AmazonS3
age
72853
etag
W/"2794a79de3146de74891406d10724d29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date
Sat, 30 Apr 2022 08:13:35 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
UEcLzq3iNcphs07za-Jspao0AYBQ9hk1Vr3mZf-tUnXY2a88wmRyNA==
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAX14O5G1&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=0&slg=8PR6YK195&gq=123greetings.com&vhuyqdph=ssp-serving-76cb75d7f5-g99sw&vyu=042813_364_042813_327_ssp&vf=HE&yhuvlrq=4&yk=0&yz=0&yvlg=&ylg=00001651379261927024540910086852&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=2&gdeg=2&ghqg=0&fhqg=0&hqg=0&gvwduw=0&fvwduw=0&vwduw=0&uhtxuo=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&nzui=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:42 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 01 May 2022 04:27:42 GMT
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:de:38b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:42 GMT
X-GUploader-UploadID
ADPycdsVhuZmK171iHKh5fYNQGEvkUnMwJGDz0eYl7VH40Wgd_7Dcq9WmIwaV0U-Hx2iHzciW9XyscxktAMxtvvJ7pq-_QW8RA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==, md5=VveFJB0O2f5RqBcLndUCcg==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Sun, 01 May 2022 04:57:42 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 218D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
907350
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 16:25:12 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7045c423bb705a3d-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 218D 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149140
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdv5qidXF73RHmoNufmuPMuEqRklowMsHbIX5zZZ3VeZ9NRaAL9zJ3Nw_yrJmuOS-3u6w9rU6JKcuiuu0TpqsR6vUQgfrn3Z
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHnpImdInoB3DMsfxami4IUrgbRN93bzNN7xsIUUkq8hAw6VnOCJW2%2F9oNTI85W1MPd4RP0Ecxxbdf2Q654ZK9yVJuA5Td2vrVul%2BVRtNBAGGisuqUM5mcxpnYRVKjpIBIwOGHksgutXeW2a"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
7045c423cf483754-MXP
cf-bgj
imgq:85,h2pri
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 218D 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=XI38Pg==, md5=RR+psCrnlTuTEa76xpe+fg==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
148741
cf-polished
qual=85, origFmt=jpeg, origSize=156576
x-guploader-uploadid
ADPycdtwqSyAnMCX-8su7DBl6MpecQiWtQR6GkBNtk7KO28uXc9NF-4PJazfg_t4EMqEgo2JtshhJWobnVpCSv1vYmHLO0ZlX37l
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34068
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eY1tFC99aWSLy6nwxsYeZjpTXguPVLkWyfl0l62P1bJdfBCXB1OCsjCtTg3om%2FwHk5XALcqUU8luF4tP3HCFsWa7tPc%2BEo6I9ZbA9DN7ytZR%2F7utlbnphNI78UYKEz31YZc0urm%2Fc75GqYO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634647715304870
content-type
image/webp
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
156576
accept-ranges
bytes
cf-ray
7045c423df503754-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 218D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rSt...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:42 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
date
Sun, 01 May 2022 04:27:42 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 218D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1983297
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdvB00WKgx745cHqkaEv9SP2O4qOtgzTIss7hz8UjeJ5YHr-cN1aZvdY2p2ANOf3K9-3w-Gx1jlYdqTxEli2DqCgNf8OFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BN%2FjIPw9LB8nWWy79VrIbPkqc5JWL3Kg2YHBa2SWqHODe2VeFCUz3dFV6cqJedMzMFf25I71blRp8OWhed3ETIgyFBHd8W1Mh%2FO3MkZqXCyawRJNNV1stC5CHYXyfvG7jIzwakNLENj6BSE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
7045c423df513754-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 218D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144159
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdtF1CPB5GCHf1ZRKM3ZL29ppB9PQuYbSITR0RrV-SHdpBq3CzzecWnlAcYxOGa3dQYSUUqo8Yt0IG0gGee3QU-I1jMcR7_4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9ciXB%2FZyHEWnUu4PRWgV8LjEGsTvNZNjk1G7kOkz4cPz5V6H81rL8OKzcGw9FVLrJEtaY9Jx2dFQrGpzSeOY71RuUTdvJG56AZ13A3JkFydFt2%2FJbNLBe2fTq7lpccz5aD3uJOLfI2uSRiM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
7045c423df543754-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 218D
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022050106274267922799345X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022050106274267922799345X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:42 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022050106274267922799345X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth
date
Sun, 01 May 2022 04:27:42 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 218D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143996
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdsoyMjCSnUPISV_tt7vvIjq8PhL-13loiqE5Z553iBBTuIgtGnZpTrwVXQ2aTxJm_Hi8hbxjmX1Rveq6ZQrHoMRNv5RHcg-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ip13QTxsDZbkxUr63kjKXEuwFhUleci3ierMk0lTgnE%2FrefuMaFcWCT4BrWZcgAzmE0H6726t6TLGIc3Y1VY8diOC3DyjnKlZ%2BHhKj10NsPQHr47HQf1O9jb7G48Njm%2BWePW8VbhvVeV4G5"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
7045c423df553754-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 218D 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 01 May 2022 04:27:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
733082
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6zCRoDwcYPVqn%2Figgw0SNY2Ihk08H%2BVIp1wVtAjD5xOomvXtA3fLuzqq8i5tpR6hNc6FFuJKFPz7C6Wspmg02mQ2JTryGODrsHwBkQ2iK8QBWrEfOIP8oVWxC%2BHEU6iighvDOJWrcsk%2BOxN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 02 May 2022 04:27:42 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
7045c423df563754-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 218D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jra6axxek0yrppn4xyg0matmcfzvcfcgarb3tgzfxcmd2rvcx7neb246h94p8ge3kz36ybcxgp4fg5ppvwbchdrmh5v89yvvr51q4qmafa1tbwzftgrkrbe4aq0ajvamqy6f8m9xz1spxk1dkcp2gdc27cv3njay8g65jj5d6tj9ht0q1dzx2447b531dj88f3xv658h1qbs0b77wqx9zdv5c747agdkm71wzfb2n2gnwafe0059jkghd10ethpjt28v93gk5dz59mvp8g44agyh1v5rycp151wqqz8zerdvgx7zxmpwbpv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%252526client%25253Dca-pub-4627517680249670%252526adurl%25253D&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8ac0402e8c97eea3d5e57940de5f297bbfb84740ff27420f20d04c0b6f765168

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:42 GMT
Last-Modified
Sun, 01 May 2022 04:27:42 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1481
Expires
Mon, 26 Jul 1997 05:00:00 GMT
aniview.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e5d98f91f8e7be1e8fd176b3d85a0fdab01571c60d031652ad3151085b9eb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduN1M95ZCKlMMKLU_waMj8GK7DLK2MZLlyqiwnOPKJwDB1MUvYQIOB0AFy3hDU-SGXn7BnUxgYv9-LWOw9Ut9l1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9622
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"f9afbe6345f862e031ea07564a8616ca"
vary
Accept-Encoding
x-goog-hash
crc32c=0oA5pQ==, md5=+a++Y0X4YuAx6gdWSoYWyg==
x-goog-generation
1651316830557643
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9622
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 01 May 2022 04:32:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 702F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2g2poQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame B9FB 		370 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
90885ecbd565f2511e2704714a6bdb36dbd4697faff1f766abe7c3ae55b40bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduE2mGVUUaCC6F8kxBiV4YLtDDfRmMiJNGWikVF8Ja0NW89-D7pGB-AexuIBSvTzV-gDA2zAgcDy453fNMm6dNCKQAH7p0o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
106360
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"cb4c7f8a5e3003118790fdf78ac870e4"
vary
Accept-Encoding
x-goog-hash
crc32c=ACIT8Q==, md5=y0x/il4wAxGHkP33ishw5A==
x-goog-generation
1651316830569023
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
106360
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 01 May 2022 04:32:42 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=Email2&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.16&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1651379262402
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&utm_medium=Special_NL&utm_campaign=SNL_May22_events&AV_SUBID=Email2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.16&responsive=1&sver=2&avtoken=262401&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1651379262418&AV_C_USER_ID=1651379261103-993207081315-006267-015-006377
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.80.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-80-154.compute-1.amazonaws.com
Software
/
Resource Hash
df70ced516eb51455e038e73c08ac0e7d93a7ada792d78fe63f283fddade31ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 19 Apr 2022 14:41:02 GMT
pvClk.min.js
analytics.webgains.io/ Frame 218D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jra6axxek0yrppn4xyg0matmcfzvcfcgarb3tgzfxcmd2rvcx7neb246h94p8ge3kz36ybcxgp4fg5ppvwbchdrmh5v89yvvr51q4qmafa1tbwzftgrkrbe4aq0ajvamqy6f8m9xz1spxk1dkcp2gdc27cv3njay8g65jj5d6tj9ht0q1dzx2447b531dj88f3xv658h1qbs0b77wqx9zdv5c747agdkm71wzfb2n2gnwafe0059jkghd10ethpjt28v93gk5dz59mvp8g44agyh1v5rycp151wqqz8zerdvgx7zxmpwbpv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%252526client%25253Dca-pub-4627517680249670%252526adurl%25253D&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
84243
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 30 Apr 2022 05:03:40 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
52083
x-amz-cf-id
DU9mb_Isf5et7a-O2Hb_FPVS4F50dTVUJ2eWK5cfORWC2tklp4Wlcw==
link.html
track.webgains.com/ Frame 218D 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneiddA1FEfR2CRpXhVCjHwtEtbAdf3T4TG4KCjoneid__asuid4hqQO7AkLcgjwkupModeEFzYBhT1qXrxasuid__suite_mweb_Netmix_Reach95_TELEKOM_POSTBANK&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C24673&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=728&d=90&e=U-97rStad75hQ0t3tw-Vv9wR5rRqPJt0&g=35a190e4f04a82566ecc1aa3c23f413d%2F10640342776587747118&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1651379261791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyxsgkyxeh79t8be3qmm4spdrg5m64ywmabs9pwjg4xa9jn288x6ypyvc4d8bapzhg8ggdad4bkjmp2zrfv9c51j8ypr46c0j10f5fhq7680cxhesceqa13bjpbeadxwgasp8swbh8640jgk5wm50hn1by87vc6v5pj73xjggxpj9ry1bdnztk9vn1bwg6rya9ajg4gksfr1w3s8xn5nfe47zvmn32sjx1ew9bs5yx2zgf932mw42v0wg2j91abpyqyxdtrdn0hh2nwfrz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxZ_IPAxuYoKkJseqYYmPi6gDkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKABwq7o3QPIAQmpAnSt0hposLE-qAMBqgTcAU_Q4RibbTC6I3OKEyQ_7XfaNnAc3ZLJ7lyWSe3yqgLaSw9oYaZIOSkB4Jv4xdSzNv6knDo4ycbq7gLjFuWs87V3vZsQR4bODl8fLK3UXhxi39uD0_ZzqqulDYZe68Kz3cZ-2elt6YYwHuzvc71-HpJxocshZEdR9xer4oW67ZmL5tf_Xruk6jvzXlE6F4IVC6dkFZE3xhbY6VBR_6-6AA6cMqguWPBKddlFxpx13ZGTda2HvjxnRc-stLUc9ZAtwzDi6TvZRSQ1xb0793YJe4iEOq2KtL-xK8Vb6O-ABqPh6Ov57OTX9wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3jQmWivO02K7hkLqY_p33W-_JZMg%2526client%253Dca-pub-4627517680249670%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:42 GMT
Last-Modified
Sun, 01 May 2022 04:27:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 11C1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1651379261103-993207081315-006267-015-006377&biddername=55&key=1546037284600551829
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1651379261103-993207081315-006267-015-006377&biddername=55&key=1546037284600551829
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.78.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-78-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 01 May 2022 04:27:42 GMT

Redirect headers

AN-X-Request-Uuid
8db7e3d0-9b66-483c-b6c6-646011977dbc
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 01 May 2022 04:27:42 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1651379261103-993207081315-006267-015-006377&biddername=55&key=1546037284600551829
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
pixel
ap.lijit.com/ Frame 875D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651379261103-993207081315-006267-015-006377%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:42 GMT
X-Sovrn-Pod
ad_ap1ams1
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame B9FB 		344 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
282e6548c56f8ae5d6c8eac90942853dabd60a2c5d332233cd564e870b223e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsBjGy4s3HoL9wgbktILRDzuFv5nJADt40BaLbU0n4zC0OcO7a_-fbZOV7sHtnxcFFwp0COS3WA4D4dW4_Q1t1Oaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
104578
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"06757336219c6d8c7306fd2eaeb24d3d"
vary
Accept-Encoding
x-goog-hash
crc32c=26QwyA==, md5=BnVzNiGcbYxzBv0urrJNPQ==
x-goog-generation
1651316830609059
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104578
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 01 May 2022 04:32:42 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&us_privacy=1---&cbb=1379262585&imp_id=bd2ce326-c05a-44ce-80b1-594f9fc12ee1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:42 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2b5818b-6348-431d-a9c6-98b55867fe0a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1651379262589&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24%2C626a7b5c1576bc4c20574e49%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C608e90cf34acc10fb7767e4a%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C0.71%2C%2C0.21%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:42 GMT
server
ATS/9.1.0.46
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:42 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
cygnus
htlb.casalemedia.com/ 		36 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2231f747e455fd65%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245b9332e8d1998%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bd55767f80992a8a44265147ff1067ef28dbf8559685f358254fe5f6b38fd35

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:42 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 01 May 2022 04:27:42 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
adaa2f7ccf06f03867df7939007e0a4683401bc51da8107cad56c39751142a60

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 01 May 2022 04:27:42 GMT
X-SpotX-Timing-Transform
0.000326
X-SpotX-Timing-SpotMarket
0.003271
X-SpotX-Timing-Page-Mux
0.000874
X-SpotX-Timing-Page-Require
0.000305
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.010439
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000254
Last-Modified
Sun, 01 May 2022 04:27:42 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003271
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.005373
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d7af084f7787762162877eb52290c53601a9f2375228eda6f3b5bc2d8a0c6c2b

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1651379262815&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FAC3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=1749102031733190&bg=!OjmlOX3NAAZNIUvJbSE7ACkAdvg8WhWC8eEmiy_s8uOfI_m3EGH0x3_RNxIKhamb4EZ_bbQl0jmeWgIAAAD8UgAAAAFoAQeZAwX-S6zgJvs0KJNMBf5aHruL86M3FbAX6RcIwyvPD5nzCEryTfl-ygcvulNdGj4PFBYmCmY-sM2Uaxt06c0sXSIkpMbQCzLlqCFzwym6ZWdonb5Ftib7v6E9Syxj2RTXc6mnDc0lfbpEQOiBagzDzNor1M3RVAZ7MRFg3Z5jKXWDxmucTIp6ZkcN6BjQ-iRwho9gLuh9BhA2nIcXX0T3xmvnfzHN6G6d2bGsaIyV2HbIXi3APg_xd8TRUzhWHmsqiXjUKbmJ05n0Ac4nVeZMU2XaXAsV9a2PkLBcjK1zpFMaLSyVUHomujDq1j77cbNNcYtJkVHXmtxiUGf2mhX4-2Y41fpma877wuP1hLVeSE8ZRxhgh7w5m8Ran1y9cHiRx0H9IAUirrRerg4THWsU-2GMf_oemt744rk8YFZ-Cz7_iY1-6GXqhGUfA-AU2vq4gzoBWj04fb6usNuAT4a5CdSBvaxnW35NcFNFvO49kJkt57Nk9cNp6CuKDF3JQdaZU6YXSZTff-kdB8FvrmVhl4hKn-2vB1cR3_F0_k-ZQ0poGn5CoKlROCuC6_hlbI28QL7Dtu7GE1sxBWq790pBk_jMPrGR1adSwkSDPKb_NZQ1npWcgnHakEDSQo-7a5Vla4HWeHSIUncotgmtH-UmolEXDE1I2BEEx7iI3oZm-kxVhJ7tKLdABjVmFpxpGekNFfnJI2xdLBsmMYyjqicfK0mJsY7ck_h7JDBHnpGR8cyUIuZJWKndWk91esRj-wKkFLev097uh--VdavrIM3WveAJyY-2UZ6qni1yEIxxwvpnny_uAXPToUzcKaxUulyURepz97eAFdANRTAefThzvbIMKjExp5LYedLVgtrpFzIweYewYHf2o773sw_xPhrgBy0pl867-IHEGgJcUNsdnqDgOXH7aF0JgFmhaGxCaGLiJtQQKHaZtcpv3OelLFnG47mIttJuiLstQVc4BoukwgRRCyVVPYTx9lzX8y8MD0aNB6_Hc7evolZ-qyKiOE1g7B2IbonTtw
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/friday_the_13th/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_May22_events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B9FB 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Sun, 01 May 2022 04:27:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b995acb1547188a5ab8e51c1b1cb94e29b108015f799e6865d04393faef7f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10672
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 May 2022 04:27:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 975C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31940
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 19:35:23 GMT
expires
Sun, 30 Apr 2023 19:35:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 660E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59c5f94aa27f31973be9512c7d1a3f525b0ffe6aecbfe120b7ae787decf975f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uW70r2ia8JkIPSjvrVldVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-uW70r2ia8JkIPSjvrVldVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:43 GMT
expires
Sun, 01 May 2022 04:27:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 218D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:43 GMT
server
nginx
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=bid&cb=1651379263236&asid=623daf9810ba54791c251d39%2C62459a9a0546da6efd2c8e08%2C613476638d66832318703f04&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3FB5 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Sun, 01 May 2022 04:27:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 660E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=1233110370848255&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 975C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 17:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
39706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:25:57 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame D89C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 May 2022 04:27:43 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 4BCC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
038990a31a4aaa0f5d230589d93320b6f51f5c5cc522d8b43acd6db2bf9e2426

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1644
Content-Type
text/html
Date
Sun, 01 May 2022 04:27:43 GMT
Dropped-Udsids
73|3|88|206|17|57|218|64
Expires
Sun, 01 May 2022 04:27:43 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4BCC 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c9e0:96ce:8ce5:2ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 4BCC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:44 GMT

Redirect headers

Date
Sun, 01 May 2022 04:27:43 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 01 May 2022 04:27:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BCC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ym4MPwAF_NNNZQAZ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym4MPwAF_NNNZQAZ&gdpr=1&_test=Ym4MPwAF_NNNZQAZ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym4MPwAF_NNNZQAZ&gdpr=1&_test=Ym4MPwAF_NNNZQAZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:43 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1651379264.752998,VS0,VE0
x-served-by
cache-cdg20723-CDG
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym4MPwAF_NNNZQAZ&gdpr=1&_test=Ym4MPwAF_NNNZQAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4BCC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4BCC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 01 May 2022 04:27:44 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 01 May 2022 04:27:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4BCC
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685623021286509
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685623021286509
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:43 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685623021286509
Date
Sun, 01 May 2022 04:27:43 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=23728&dpuuid=Ym4MPFKT-l8EbcsviYHnjgAA%261191
dpm.demdex.net/ Frame 4BCC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ym4MPFKT-l8EbcsviYHnjgAA%261191?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.107.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-107-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4BCC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:42 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4BCC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ym4MPFKT-l8EbcsviYHnjgAA%261191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:43 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1685
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:55:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 975C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nwx_oQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 51E1 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B9FB 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 04:27:43 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 877A 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B9FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 358D 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3FB5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 04:27:43 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 705E 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame C699 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3FB5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BEDD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6436 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9675 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AC0B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 16E0 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 51E1 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=455732402803474&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3013835890&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dlt=1651379262242&idt=1830&dt=1651379264208&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&scor=937319077029999&ged=ve4_td2_tt0_pd2_la2000_er1157.320.1309.620_vi0.0.1200.1600_vp28_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 877A 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2141816550311091&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1459388357&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dlt=1651379262242&idt=1840&dt=1651379264213&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&scor=1379013194101932&ged=ve4_td2_tt0_pd2_la2000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts0_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 358D 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C46400095%2Ftsm%2Ftsm_mcm_video%2Ftsm_mcm_video_123greetings.com&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=773425608877190&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3060548774&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=4B04D224-5828-4358-AB6D-990619FD8DDD&nel=0&eid=44754609%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dlt=1651379260604&idt=3488&dt=1651379264217&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&scor=2411567368850856&ged=ve4_td3_tt0_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 705E 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652786701%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&tfcd=0&npa=0&sz=400x225&gdfp_req=1&max_ad_duration&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1250591176575981&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1776703461&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=4B04D224-5828-4358-AB6D-990619FD8DDD&nel=0&eid=44754609%2C44757675%2C44761692&dlt=1651379260604&idt=3503&dt=1651379264222&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&scor=742125837075941&ged=ve4_td3_tt0_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C699 		82 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&tfcd=0&npa=0&sz=400x225&gdfp_req=1&max_ad_duration&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2459541407870172&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2031058793&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=4B04D224-5828-4358-AB6D-990619FD8DDD&nel=0&eid=44754609%2C44757675%2C44761692&dlt=1651379260604&idt=3524&dt=1651379264230&cookie=ID%3D35ecfce485a8d746-22987d4c88cd006c%3AT%3D1651379259%3AS%3DALNI_MZqFcoeCuT8yhIehrwBcVNRSSwTxQ&scor=2572547529050420&ged=ve4_td3_tt0_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
bbecd91771374126efdd9a910630ed889c8cad98018fd414ecc983e74e3f0fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17360
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=1233110370848255&bg=!Hh2lHVnNAAZNIUvJbSE7ACkAdvg8Wj1d-80MqERnZ2R31Pe0fXvTrf7qq_3rUYTPmGiwSYJyyPcWuQIAAAFsUgAAAAFoAQcKACrZQ-GeQRbYH1Milkj8mIp11UFZ8yN0W0gMiVTp4xVzYZdzNnFBrpzXQoWZAvWhKb39KLvG6IZxrCkFvBjmQP1WqmXwqDxyjg3tfiAN8prVrXEDit6FKlqeurmlTFXmCyb8k_g-fbA3yZzRKR10y258FGMgOh2YCEH-VT56zY-xnSyJewCTUIHfTtZTAsKqTOY3FriDkKHHPhsVqeosu_x2xJwVHJ9zG4U0sGT3UCu2x3xxtM9075-PYIZze-jSYEj3yRRckEaP7jR6NiMj9PM2Jk8QBJdH0ze-tJc7Borqqw0HbT0c9Z2wH2dCopxFkIUaP7717D1fyOe0Y-yPmbRFTeuVHEdt32UipDtiYyd4prgEhH74vQLcnTE6YuKPsd3PaZHwdEKxB7ys2JOKU7z3UqK4vQpS-T6wIMY3lrz8SGHytYNb1zqS1v0Fvpavd5m9X-oJTATyaSjgSjmjdkPsaRLWuayuZFlqK73gXOe1740odpmBLpyHXkHNiVwlgAiR7rbpU6jBLjlyl7ZKdTz4eItp34ha_0g9a-ydXId9y7sY3qTvK8Mgf-IF2DxS-WBMORpi45z2BeXR0jffXbkTlmeyF1Bpau-kDBm4K08KQZOkZBmuFPYcmUkwEvUlf_ok9aB_pHUZ31NAs0mj87WzwGaQuEg8fwZm0AiSawc5GTVBnQtb6aP6L8bDJqDFmZ338e9thLIh7WLkvgGNyaJFimFD6XdKDVXckdYUdGVBeUDqh3A-NzV-4Osq3PaF8vwzmJuG8N_kDY7zcsEHpWwug6aFeB3Em3LOdcKl-Hw7LPuU5-HVofLoy3NmnHzL3SFoDn1smAShLqy1KrX-fdcJ29VgX2kkdFyR62rrILvirmYSrijQPpXLqWMcffOcYS_Jhlh04OqZFX0hG0QHZd6GVnzp0V3cXff5W3jUOCzVGXVvsINtP0DO76IH-9ghR22m8B3Oy3MVhLo8wKGhGnZMFZfYfgWGJlw_ZpsvMf85UcDiJlM51JTs3N071rfpZ1IGZGU8dPiGQk6tRy46t-yPo2-BUmpYPwUf6-zw1Bc-yPQn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379264444&oz_l=106&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
s0.2mdn.net/4528404/ Frame 44E5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17679434869003470663/1643485919913.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17679434869003470663/index.html?e=69&leftOffset=0&topOffset=0&c=4tW6oGD9vV&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 12:04:25 GMT
x-content-type-options
nosniff
age
58999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 May 2022 12:04:25 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
dc_oe=ChMIxtHOkbu99wIVQZn9Bx0aSAy7EAAYACC03uxKQhMI-YCokbu99wIVSov9Bx38BwY9;stragg=1;&timestamp=1651379264540;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 9F6B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxtHOkbu99wIVQZn9Bx0aSAy7EAAYACC03uxKQhMI-YCokbu99wIVSov9Bx38BwY9;stragg=1;&timestamp=1651379264540;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:44 GMT
server
ATS/9.1.0.46
ptv
ib.adnxs.com/ 		85 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&us_privacy=1---&cbb=1379264558&imp_id=8ba0ccd4-c999-45b8-a6a9-47e96137e561
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:44 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7161fc34-5344-4726-892e-73bb3b83c52e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1651379264558&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C626a7b5c1576bc4c20574e49%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C608e90cf34acc10fb7767e4a%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C0.71%2C%2C0.21%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2212a1c6d699252a7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22134839cb61abfd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
981276f65cb1c345d1d051e87b6cc1b82424ea5aea1ddef1196eae6211c03f45

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 01 May 2022 04:27:44 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 01 May 2022 04:27:44 GMT
X-SpotX-Timing-Transform
0.000258
X-SpotX-Timing-SpotMarket
0.003183
X-SpotX-Timing-Page-Mux
0.000937
X-SpotX-Timing-Page-Require
0.000396
X-fe
143
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.008590
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000316
Last-Modified
Sun, 01 May 2022 04:27:44 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003183
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.003465
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ece3a1c9922b670083163bf9a878072f60496d6c77f93982015855db78a06eab

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:44 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
528c7acac437c2c1cdc666bd4a4d45e213af84c94920f03fd2e7292065f5616d

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1651379264709&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame EF99 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B9FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame ABC1 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A76A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F026 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
csi
csi.gstatic.com/ Frame C699 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2mskr3j&c=5072026763038&slotId=2536013381519&qqid=COGZv5O7vfcCFRCndwodWr0LIg&gqid=QAxuYt_dDvuKjuwP3rMV&fb=ima_html5-lima&sdkv=h.3.512.0&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44754609%2C44757675%2C44761692&met.4=ghmsh_s.l2mskrie~ghmsh_s.l2mskrif&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=F4fgioLb910xjrQC
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C699 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7521520845913646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:12:00 GMT
x-content-type-options
nosniff
age
944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 05:02:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbVOCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKkCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvaGR-4lEfhyZPn0a83Dy7WXTvkKW9fJ_QBUjJzA-_JffvR6fAS-xg93jhD1ystgzzSVpc29ajtf-HhAULEVwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTixCXObfLKnRUnlgAoDmAsByAsB0AsPsBOG1YMP2BMC2BQB0BUBqBYB-BYBgBcB&sigh=pT-7bqn36TE&label=show_ad&acvw=&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CIAEJQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKoCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdkw6us0nl5W8D2WHksvo5VXm1yxZCW8kTomg7Wc8viymCC3DEBfhd6NV5OU01IQziNFx8ZPM5561ZMJiQM-1JtQ6h85Zo3pkVsDNpj3293WJ0AItCi2kjrAc80KFvrHcUfQ6ZpOVq8nLERxgOBYkAyYO922yw8M--9Ezq9c_ZdA80xEd1tV8u3iej0O8DMWwCbmGmfi2nNUC-5_bQsWgtqdbgM6-w31JgFxWnmVtZ6dxdUpiEYSyTXysd0O1fNoQiJSDtR7oI6ZrCu4MAEm7Hawv0D4AQBoAZUgAeLrfL7AqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ7OCoAqgIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA8gLAbAThtWDD9gTAtgUAdAVAagWAYAXAbIXHgocCAASFHB1Yi01NzE3MDkyNTMzOTEzNTE1GNCKEQ&sigh=XXXk5mnuqyg&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
truncated
/ Frame C699 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame 3FB5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2mskqsw&c=5072026763038&slotId=2536013381519&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C699 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.512.0&e=44754609%2C44757675%2C44761692&id=ima_html5&c=8202240543225&domain=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-4g5edn6y.googlevideo.com/
Redirect Chain
  • https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&mh=Tc&mm=31&mn=sn-4g5e...
  • https://rr3---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1651280458984614&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgFRXqlbh4XrZvnHDaye9qpKlBf28uGRYUyFQApp7tryMCIEWvQ6G3DDmc7rVp74OZqPQOM4LVpgEyQOUJzSJRkenq&cpn=F4fgioLb910xjrQC&redirect_counter=1&rm=sn-4g5ede7s&req_id=da17edcc2e136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Tc&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5edn6y&ms=au&mt=1651379082&mv=m&mvi=3&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXlVQg9mC9Qp2VQSSy31iwZuHle7nNUJPCRhzoiO-TLAiAGMMh1nAZVn7kDmaQk9-2RwvGb11EaFpnyBIQjVo7TFQ%3D%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
532faddcd31288f0b8f13dd549def0f47ec993f3208af655cd488ff0b0d4b964
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 30 Apr 2022 01:00:58 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2066763/2066764
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2066764
Expires
Sun, 01 May 2022 04:27:45 GMT

Redirect headers

Date
Sun, 01 May 2022 04:27:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr3---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1651408064&ei=QAxuYs-THo3p1gLa_pPACQ&ip=146.70.117.69&id=fed43a94fd383d1a&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1651280458984614&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgFRXqlbh4XrZvnHDaye9qpKlBf28uGRYUyFQApp7tryMCIEWvQ6G3DDmc7rVp74OZqPQOM4LVpgEyQOUJzSJRkenq&cpn=F4fgioLb910xjrQC&redirect_counter=1&rm=sn-4g5ede7s&req_id=da17edcc2e136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Tc&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5edn6y&ms=au&mt=1651379082&mv=m&mvi=3&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXlVQg9mC9Qp2VQSSy31iwZuHle7nNUJPCRhzoiO-TLAiAGMMh1nAZVn7kDmaQk9-2RwvGb11EaFpnyBIQjVo7TFQ%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Sun, 01 May 2022 04:27:45 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EF99 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2711068509596455&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=497450084&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379265091&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=1111979770433832&ged=ve4_td3_tt1_pd3_la3000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame ABC1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4489388886823686&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2077799955&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379265107&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=1533948492374199&ged=ve4_td3_tt1_pd3_la3000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts0_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CbVOCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKkCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvaGR-4lEfhyZPn0a83Dy7WXTvkKW9fJ_QBUjJzA-_JffvR6fAS-xg93jhD1ystgzzSVpc29ajtf-HhAULEVwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTixCXObfLKnRUnlgAoDmAsByAsB0AsPsBOG1YMP2BMC2BQB0BUBqBYB-BYBgBcB&sigh=pT-7bqn36TE&label=video_ad_loaded&acvw=&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame C699 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 01:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 01:20:27 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CIAEJQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKoCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdkw6us0nl5W8D2WHksvo5VXm1yxZCW8kTomg7Wc8viymCC3DEBfhd6NV5OU01IQziNFx8ZPM5561ZMJiQM-1JtQ6h85Zo3pkVsDNpj3293WJ0AItCi2kjrAc80KFvrHcUfQ6ZpOVq8nLERxgOBYkAyYO922yw8M--9Ezq9c_ZdA80xEd1tV8u3iej0O8DMWwCbmGmfi2nNUC-5_bQsWgtqdbgM6-w31JgFxWnmVtZ6dxdUpiEYSyTXysd0O1fNoQiJSDtR7oI6ZrCu4MAEm7Hawv0D4AQBoAZUgAeLrfL7AqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ7OCoAqgIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA8gLAbAThtWDD9gTAtgUAdAVAagWAYAXAbIXHgocCAASFHB1Yi01NzE3MDkyNTMzOTEzNTE1GNCKEQ&sigh=XXXk5mnuqyg&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.512.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
B26679977.318210260;dc_trk_aid=510672020;dc_trk_cid=160234874;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIuYLMwz-oAqr70P0CsALIlbYNQDsQ3aH2AlXKTFyMAlXzGVtpeEOwz-4=;ord=11814...
ad.doubleclick.net/ddm/trackimp/N1651194.279382BIDMANAGER_DFASIT/ Frame C699 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1651194.279382BIDMANAGER_DFASIT/B26679977.318210260;dc_trk_aid=510672020;dc_trk_cid=160234874;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIuYLMwz-oAqr70P0CsALIlbYNQDsQ3aH2AlXKTFyMAlXzGVtpeEOwz-4=;ord=1181460040;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=16871536575044664482;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMI4Zm_k7u99wIVEKd3Ch1avQsiEAEYASAAEgIs2PD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s10-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1577%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C699 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTJ3Eq-uFNASpzyjT6guStKwWj8q_InS40K0nTNSRBSOomOvUj4F6RskM03-otcS01MxHgaBFwkqBgd_0rYZbtCPZprg8ZbvyqAkEFfu76iwm2WysaRBwiyoPWfowqcoKHGTsQHQ&sai=AMfl-YTcuyv_Iyrq2cQaPniUw8RF8RdxMEVdlKGkGqi7H1xUmUH_vR7ghtxe6VVniTPO-a5_Rhexbbmy5y72ks7OyaF3gn3akPiuX2_acqwwDzlIcz8uctCoFGenGMI&sig=Cg0ArKJSzD3cVBB0P6VhEAE&cid=CAASF-Ro7VDAIYHixHK5Ym4GlVda1MKSrv-D&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1578%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame C699 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=16871536575044664482&acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1578%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1578%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1579%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D925%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D925%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1579%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C699 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.512.0&e=44754609%2C44757675%2C44761692&id=ima_html5&c=8202240543225&domain=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=admute&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D0,0,0,0,0%26mcvt%3D23%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D23%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D23%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D23%26dfvs%3D23%26dvpt%3D23%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1585%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,23&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D925%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amt...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D925%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D0,0,0,0,0%26mcvt%3D23%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D23%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D23%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D23%26dfvs%3D23%26dvpt%3D23%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1585%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,23;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C699 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2mskrpx&c=5072026763038&slotId=2536013381519&qqid=COGZv5O7vfcCFRCndwodWr0LIg&gqid=QAxuYt_dDvuKjuwP3rMV&fb=ima_html5-lima&sdkv=h.3.512.0&mrd=6&aab=1&itv=1&met.4=ghmsh_s.l2mskrpy~vss_tr.wk~ff.l2msks0u
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=impression&cb=1651379261225&ad=15&vi=100&d4=1&d5=4&d1=vpaid&fv=3&stk=1&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_[AVC_WFCYCLE]&e=start&d1=vpaid&fv=3&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 3767 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
577422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 12:04:03 GMT
expires
Mon, 24 Apr 2023 12:04:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame 3767 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 12:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
144495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 12:19:30 GMT
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:45 GMT
playback
s.youtube.com/api/stats/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44754609%2C44757675%2C44761692&el=adunit&cpn=F4fgioLb910xjrQC&docid=_tQ6lP04PRo&visitordata=CgswaEJMY01nN3Iwdw%253D%253D&ver=2&cmt=0.263&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=101.0.4951.41&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3767 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.512.0&bgai=Bq7F5QAxuYuH5EJDO3gPa-q6QAgAAAAA4AboFEwjf_byTu733AhV7hYMHHd5ZBQA&bg=!-fql-r7NAAZNIUvJbSE7ACkAdvg8WvnWsQUmf4qe0jLyadp6rVDk0GJ38-VZOpcCM5W0N4IFVGmttQIAAAFxUgAAAAJoAQeZAqcByItGYRLiPac8Zx9I6y_0psfz6Pxv_msVVt_7FJ8HdWu2Vx4eHRH_3WO90jEhvsUnSjS4hdINwgXGuU4Wdl1-FOJpbGONIz2pacvxZevANwlMX-vRLBT4e8qyMnhSu174dYV1p8l_BokTRRM6MXYsRVKG2_GxKmOjdocCSnt8-MrqC80zWrGH7X0mU2_dWevCtnpxoorBaeu0WskT1SdvoVfy55AFODR2foUKUikwP5OwoFzDXfG18xFsZBi_iDvCDn6fhgMi57paC5zwAcXfA_PLdOP_spN1vkIiEzTq5E0cpH-GP9ki7EqTFWS7y_MMYz946syswj7MOC6MKaRId-PKjamDjBGO0d9_u1lpGalVWgTqH3Tp5XXXPg41QFK4YBNwEG0Gh9IS7u-VsFMRUr5417uK5_CGc-XB6xC1Vsp4XGUqFrN4R4ehz7fdPgkXD_ln7OXiflmWcvgIK9uRVsydrmR1Lj8dAyL49aJbH0A5dc8Bl-LpvbAYWtPMQXtoRHeAdgqCQ8bciso4fGnoeMDqo1A5tzcyxT0vOMXeugAgN5KoPB8fn7Zl2pUzXHOdpzAvGJyg_QVssymYWt7pUYwiKczdgpMJq7q9jMVfw66Z53is5qW_dSqsSohbCgA_lEwErP-J3bbeFJ5SjyJcn8Av1GmLmWkBv13787RpRTC6bHD7O8WKvFFzWQhAzJIwIu2vBJfQ_pVQPpNh_5MGWy79kmwolLxKfoonkDktACFd5a2JPhsCSR7eCvIgpToxlYzUDhLN75g4FC-hOycPtMreeo09jBXJB0mefFhU30hEBOE3Enq_jfBCrOlWJpwHYDCnOrmH3m8MYhbHHMrNNHOENqpyy-aPjYaN4K3rhvpuQj0FRVizoGMxx0Ky0zcx0IOn308p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
int
lm.serving-sys.com/lm/ Frame 6EE9 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-141-3.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
int
lm.serving-sys.com/lm/ Frame FE6B 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-141-3.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
postback
s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cccobh.com/2/2.55.0/945541/ATzPmwUHEPPsNcen/postback?c2=loginid_&c3=connectauthcode_&si=main&ui=&c1=country_&ci=945541&dt=9455411647029059265000&pd=acc&mo=0&sid=ATzPmwUHEPPsNcen&oz_sc=1a7cc591a1b395a7ebb683a3&oz_df=1651379266645&oz_l=327&cv=3
Requested by
Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.55.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 May 2022 04:27:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame C699 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTJ3Eq-uFNASpzyjT6guStKwWj8q_InS40K0nTNSRBSOomOvUj4F6RskM03-otcS01MxHgaBFwkqBgd_0rYZbtCPZprg8ZbvyqAkEFfu76iwm2WysaRBwiyoPWfowqcoKHGTsQHQ&sai=AMfl-YTcuyv_Iyrq2cQaPniUw8RF8RdxMEVdlKGkGqi7H1xUmUH_vR7ghtxe6VVniTPO-a5_Rhexbbmy5y72ks7OyaF3gn3akPiuX2_acqwwDzlIcz8uctCoFGenGMI&sig=Cg0ArKJSzD3cVBB0P6VhEAE&cid=CAASF-Ro7VDAIYHixHK5Ym4GlVda1MKSrv-D&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2063,0,0,0,0%26mtos%3D2063,2063,2063,2063,2063%26amtos%3D0,0,0,0,0%26mcvt%3D2063%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2063%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D472%26pst%3D480%26dur%3D15000%26vmtime%3D1880%26dtos%3D2063%26dtoss%3D1%26dvs%3D2040%26dfvs%3D2040%26dvpt%3D2040%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3625%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2063&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame C699 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=16871536575044664482&acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2063,0,0,0,0%26mtos%3D2063,2063,2063,2063,2063%26amtos%3D0,0,0,0,0%26mcvt%3D2063%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2063%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D472%26pst%3D480%26dur%3D15000%26vmtime%3D1880%26dtos%3D2063%26dtoss%3D1%26dvs%3D2040%26dfvs%3D2040%26dvpt%3D2040%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3625%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2063&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2063,0,0,0,0%26mtos%3D2063,2063,2063,...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2063,0,0,0,0%26mtos%3D2063,2063,2063,2063,2063%26amtos%3D0,0,0,0,0%26mcvt%3D2063%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2063%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D472%26pst%3D480%26dur%3D15000%26vmtime%3D1880%26dtos%3D2063%26dtoss%3D1%26dvs%3D2040%26dfvs%3D2040%26dvpt%3D2040%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3625%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2063;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=sec3&vi=100&d1=vpaid&fv=3&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rid
match.adsrvr.org/track/ 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
2a819f7f8b1d7cce2d88518e415593bdc4f3b22053f5db71bdef72de6bebe9b9

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 31 May 2022 04:27:49 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 86A8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85283
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 01 May 2022 04:27:49 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 May 2022 04:46:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 805348
X-Served-By
cache-lga21948-LGA, cache-hhn4031-HHN
X-Timer
S1651379269.021428,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C5A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128769
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 01 May 2022 04:27:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 02 May 2022 16:13:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6663 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1651379261620
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
a4bd40ade200094216812a0b0b27814fe88c5a97d8d4a7be9cba95f87bf2c857
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1440
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 0B12 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 May 2022 04:27:49 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame CDCA
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
1ab2c95accca9a636a2b27033023c217c7076b4383560a780f3b2725e2ff1277

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Sun, 01 May 2022 04:27:49 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 01 May 2022 04:27:49 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
930c626e-0c40-4400-90a8-8bc76f51a7cb
onetag-sys.com/sync/i,1/ Frame 6663
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
  • https://onetag-sys.com/sync/i,1/930c626e-0c40-4400-90a8-8bc76f51a7cb
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,1/930c626e-0c40-4400-90a8-8bc76f51a7cb
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 01 May 2022 04:27:49 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/sync/i,1/930c626e-0c40-4400-90a8-8bc76f51a7cb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 01 May 2022 04:27:48 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6663 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
5867207847807012380
onetag-sys.com/sync/i,34/ Frame 6663
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=90TQjaKa67kmYKQDBQ0rZmc95E_oLUwI-sRCj7eUsho
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=90TQjaKa67kmYKQDBQ0rZmc95E_oLUwI-sRCj7eUsho
  • https://onetag-sys.com/sync/i,34/5867207847807012380
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,34/5867207847807012380
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/5867207847807012380
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
onetag-sys.com/match/ Frame 6663
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1546037284600551829
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1546037284600551829
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a251a4c7-f6b3-4f40-984f-fea796a343ae
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1546037284600551829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6663 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=90TQjaKa67kmYKQDBQ0rZmc95E_oLUwI-sRCj7eUsho
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
sync
pixel.advertising.com/ups/58198/ Frame 6663 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.227.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-227-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6663
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgH3f7esCDCnRK0rNhqW2IoDpvYlW2e5gLw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgH3f7esCDCnRK0rNhqW2IoDpvYlW2e5gLw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgH3f7esCDCnRK0rNhqW2IoDpvYlW2e5gLw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 6663 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:48 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 6663 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 6663
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=jbAQuplltF_0SSeBnBM2dqZpfb3G-6r9Y2UjH6pcreA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=jbAQuplltF_0SSeBnBM2dqZpfb3G-6r9Y2UjH6pcreA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QH5PJEF6CG3MX66HARWA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=jbAQuplltF_0SSeBnBM2dqZpfb3G-6r9Y2UjH6pcreA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 6663 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:47 GMT
content-length
0
/
onetag-sys.com/match/ Frame 6663
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEw6JXjmJYIYT7kafdS-Mj4&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEw6JXjmJYIYT7kafdS-Mj4&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEw6JXjmJYIYT7kafdS-Mj4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 6663
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ
  • https://onetag-sys.com/match/?int_id=92&uid=y-j646NS1E2uF2ow2QQph0t52XlZmY.SEgnDvzDX8-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-j646NS1E2uF2ow2QQph0t52XlZmY.SEgnDvzDX8-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-j646NS1E2uF2ow2QQph0t52XlZmY.SEgnDvzDX8-~A
date
Sun, 01 May 2022 04:27:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 6663 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
onetag-sys.com/match/ Frame 6663
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26use...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26use...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d0246778-8aef-5279-8b3d-b8fce953b4b9&ssp=onetag&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1651379261620
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 01 May 2022 04:27:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame CDCA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CDCA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame CDCA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDCA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3MTY3NjMyNTE4NjI5ODM5ODcwNQ%3D%3D
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame CDCA 		0
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4371676325186298398705&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:48 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 99044FA6BAAF4EA7BEA455F892176577 Ref B: FRAEDGE1309 Ref C: 2022-05-01T04:27:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd67K7MgRKqSQMzRwL3Q==
xuid
eb2.3lift.com/ Frame CDCA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4371676325186298398705?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eIHpfo5E2oTQ4afWN2bItNdwl4g_fQRx59HMZCT5IQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eIHpfo5E2oTQ4afWN2bItNdwl4g_fQRx59HMZCT5IQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 01 May 2022 04:27:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eIHpfo5E2oTQ4afWN2bItNdwl4g_fQRx59HMZCT5IQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame CDCA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4371676325186298398705&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.145.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-145-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame CDCA 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4371676325186298398705&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:48 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D90D76213CD14DDC804ACE85112CEE78 Ref B: FRAEDGE1220 Ref C: 2022-05-01T04:27:49Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame CDCA
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4371676325186298398705
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4371676325186298398705&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4371676325186298398705&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F34TCFXAKART32KAZQYW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4371676325186298398705&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CDCA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 1C5A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60433309&p=157512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f280871ae5187ee2333454fb6a21207786e9026ccb0efc771baae5b8bf016175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 2649 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d33b903c44bb70da2884c690d75bc7495799c892e206091d467b4816ac9cba61

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1572
Content-Type
text/html
Date
Sun, 01 May 2022 04:27:49 GMT
Dropped-Udsids
130|4|81|90|191|241|13|156
Expires
Sun, 01 May 2022 04:27:49 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 86A8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
42e2d165-ef3e-4a5b-89f3-df182f01af40
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime25&ad_mt=3844&acvw=sv%3D925%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3897,0,0,0,0%26mtos%3D3897,3897,3897,3897,3897%26amtos%3D0,0,0,0,0%26mcvt%3D3897%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3897%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D932%26pst%3D480%26dur%3D15000%26vmtime%3D3844%26dtos%3D1834%26dtoss%3D2%26dvs%3D1834%26dfvs%3D1834%26dvpt%3D1834%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3897,3897,3897,3897,3897%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D5458%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3897&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D925%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3897,0,0,0,0%26mtos%3D3897,3897,3897,...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D925%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3897,0,0,0,0%26mtos%3D3897,3897,3897,3897,3897%26amtos%3D0,0,0,0,0%26mcvt%3D3897%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3897%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D932%26pst%3D480%26dur%3D15000%26vmtime%3D3844%26dtos%3D1834%26dtoss%3D2%26dvs%3D1834%26dfvs%3D1834%26dvpt%3D1834%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3897,3897,3897,3897,3897%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D5458%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3897;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=firstQuartile&ad=15&vi=100&d1=vpaid&fv=3&stk=1&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
match
c1.adform.net/serving/cookie/ Frame F6C1 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 01 May 2022 04:27:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 136C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=0&gdpr_consent=
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 04:27:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug005:0:404

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 01 May 2022 04:27:49 GMT
Expires
Sun, 01 May 2022 04:27:48 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x24 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 39EE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7889732887532466800
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7889732887532466800
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 01:29:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug007:0:448

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7889732887532466800
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 4F5B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:48 GMT
expires
Sun, 01 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
313190
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6E1D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7092619953649940623
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7092619953649940623
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 04:27:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug007:0:419

Redirect headers

Connection
keep-alive
Date
Sun, 01 May 2022 04:27:49 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7092619953649940623
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F42
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym4MPwAF_NNNZQAZ&gdpr=0&gdpr_consent=
1 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym4MPwAF_NNNZQAZ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 01 May 2022 04:27:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug004:0:402

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 01 May 2022 04:27:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym4MPwAF_NNNZQAZ&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-cdg20723-CDG
x-timer
S1651379269.170309,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 5DE9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JNUx-cH8TXZ8yIhqWX-qLZJGdUU
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JNUx-cH8TXZ8yIhqWX-qLZJGdUU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 04:27:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug020:0:319

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 01 May 2022 04:27:49 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JNUx-cH8TXZ8yIhqWX-qLZJGdUU
bridge
cm.adgrx.com/ Frame DE64 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 01 May 2022 04:27:49 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-5
server
Cowboy
adx
match.prod.bidr.io/cookie-sync/ Frame 0C06
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa09VN0UzQmtBQUQwbmVETlBCUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.135.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-135-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Sun, 01 May 2022 04:27:49 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 04:27:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame 1A95
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7045c451ccad01eb-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 04:27:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7045c4508bf501eb-ZRH
content-type
text/html
date
Sun, 01 May 2022 04:27:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
5950
Pug
simage2.pubmatic.com/AdServer/ Frame 5F02
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 01 May 2022 04:27:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug001:2:286

Redirect headers

content-length
0
date
Sun, 01 May 2022 04:27:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
pub
matching.truffle.bid/sync/ Frame FF00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 01 May 2022 04:27:49 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 3749 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 01 May 2022 04:27:49 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-af947c76c088@version_1.419
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame A39E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7b2cf66481e722d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7b2cf66481e722d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26g...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsThXjMUUWSbnTXXQa
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsThXjMUUWSbnTXXQa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 May 2022 01:31:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug013:0:403

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7GPoEAlsThXjMUUWSbnTXXQa
Pug
simage2.pubmatic.com/AdServer/ Frame 2A26
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651379269207
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 30 Apr 2022 22:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0025:0:307

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 01 May 2022 04:27:49 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4821
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c88adf3a-793f-4052-bc19-d5b9a8e1fdfc-tuct96791c5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c88adf3a-793f-4052-bc19-d5b9a8e1fdfc-tuct96791c5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 01 May 2022 04:27:49 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4082-HHN
x-timer
S1651379269.299237,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 01 May 2022 04:27:49 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c88adf3a-793f-4052-bc19-d5b9a8e1fdfc-tuct96791c5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6960-MXP
x-timer
S1651379269.227204,VS0,VE24
x-vcl-time-ms
24
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_x2UdoipTJyeME89TY6G-A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=128769
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 02 May 2022 16:13:58 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=930c626e-0c40-4400-90a8-8bc76f51a7cb
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=930c626e-0c40-4400-90a8-8bc76f51a7cb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 01 May 2022 04:27:49 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=930c626e-0c40-4400-90a8-8bc76f51a7cb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 01 May 2022 04:27:48 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1C5A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=caf998bf89a3cf9cecc4da3ff162d008&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkYxRDk0NzYtODhBOS00QzlDLTlFMzAtNEYzRDREOEU4NkY4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 01:29:52 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug012:0:443
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB8rcwn86bLXMrlK2C7s534&google_cver=1
42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB8rcwn86bLXMrlK2C7s534&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 19:45:47 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug023:0:304
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB8rcwn86bLXMrlK2C7s534&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1C5A 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 30 Apr 2022 04:27:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3134622568505817588
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3134622568505817588
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3134622568505817588
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1C5A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546037284600551829&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546037284600551829&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 01:29:56 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug014:0:351
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9acf5f0f-b5f0-40da-b620-bab84cbdcd47
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546037284600551829&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-
42 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 21:06:39 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug010:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1C5A 		43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c9e0:96ce:8ce5:2ad7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PytjsCxE2uWiL9sE0SxUyC.R2R6.lmo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PytjsCxE2uWiL9sE0SxUyC.R2R6.lmo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PytjsCxE2uWiL9sE0SxUyC.R2R6.lmo-~A&gdpr=0&gdpr_consent=
date
Sun, 01 May 2022 04:27:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:379
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51257f17-272e-4d05-9dbe-a8638928e7d9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 01 May 2022 04:27:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b40261cf-859a-4c7f-a1f4-0a767c177238&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b40261cf-859a-4c7f-a1f4-0a767c177238&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 20:16:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:287
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b40261cf-859a-4c7f-a1f4-0a767c177238&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 01 May 2022 04:27:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1C5A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3564152428396377571&gdpr=0&gdpr_consent=&us_privacy=
1 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3564152428396377571&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:48 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:387
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3564152428396377571&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 01 May 2022 04:27:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1C5A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:48 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546037284600551829
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546037284600551829
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 20:13:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:303
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a7df1384-81ea-4204-bf58-ef7de7d1b860
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546037284600551829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 2649 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.135.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-135-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2649
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3996497992623945187
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3996497992623945187
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3996497992623945187
pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 2649
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5kv9B-Aa_1f9SvpU5x3mBrRPrwf9Tahb6RrsizkO
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5kv9B-Aa_1f9SvpU5x3mBrRPrwf9Tahb6RrsizkO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5kv9B-Aa_1f9SvpU5x3mBrRPrwf9Tahb6RrsizkO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame 2649
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 May 2022 04:27:49 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 01 May 2022 04:27:49 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 30 Apr 2022 04:27:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 2649
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eb5d822e-2a3f-d309-468a5fe5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eb5d822e-2a3f-d309-468a5fe5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:49 GMT

Redirect headers

date
Sun, 01 May 2022 04:27:49 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=eb5d822e-2a3f-d309-468a5fe5
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
dcm
s.amazon-adsystem.com/ Frame 2649
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
28689P316Q76GZBYQG1J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RF1Y3B6HF007GJMXT9FE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym4MPFKT_l8EbcsviYHnjgAABKcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2649
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:27:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sun, 01 May 2022 04:27:49 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
cookiesync
bttrack.com/pixel/ Frame 2649 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Sun, 01 May 2022 04:27:44 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2649 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ym4MPFKT-l8EbcsviYHnjgAA%261191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sun, 01 May 2022 04:27:49 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1679
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 01 May 2022 04:55:48 GMT
async_usersync
ib.adnxs.com/ Frame 86A8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:50 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cdde5a6e-aaa8-4ccb-a18a-fc92596e16ae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=video_skip_shown&ad_mt=5194&acvw=sv%3D925%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26tos%3D5246,0,0,0,0%26mtos%3D5246,5246,5246,5246,5246%26amtos%3D0,0,0,0,0%26mtos1%3D3897,0,0%26mcvt%3D5246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1149%26pst%3D480%26dur%3D15000%26vmtime%3D5194%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1349,1349,1349,1349,1349%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D26%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D6808%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5246%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI3rzSkbu99wIV-MW7CB3DwQ1MEAAYACD7zZFRQhMIvISokbu99wIVSov9Bx38BwY9;met=1;&timestamp=1651379271074;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8834 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3rzSkbu99wIV-MW7CB3DwQ1MEAAYACD7zZFRQhMIvISokbu99wIVSov9Bx38BwY9;met=1;&timestamp=1651379271074;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxtHOkbu99wIVQZn9Bx0aSAy7EAAYACC03uxKQhMI-YCokbu99wIVSov9Bx38BwY9;met=1;&timestamp=1651379271122;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9F6B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxtHOkbu99wIVQZn9Bx0aSAy7EAAYACC03uxKQhMI-YCokbu99wIVSov9Bx38BwY9;met=1;&timestamp=1651379271122;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1C5A 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime50&ad_mt=7628&acvw=sv%3D925%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D7680,0,0,0,0%26mtos%3D7680,7680,7680,7680,7680%26amtos%3D0,0,0,0,0%26mcvt%3D7680%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7680%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1579%26pst%3D480%26dur%3D15000%26vmtime%3D7627%26dtos%3D3783%26dtoss%3D3%26dvs%3D3783%26dfvs%3D3783%26dvpt%3D3783%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3783,3783,3783,3783,3783%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D37%26emuc%3D0%26emb%3D36,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D9241%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7680&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D925%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D7680,0,0,0,0%26mtos%3D7680,7680,7680,7680...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D925%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D7680,0,0,0,0%26mtos%3D7680,7680,7680,7680,7680%26amtos%3D0,0,0,0,0%26mcvt%3D7680%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7680%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1579%26pst%3D480%26dur%3D15000%26vmtime%3D7627%26dtos%3D3783%26dtoss%3D3%26dvs%3D3783%26dfvs%3D3783%26dvpt%3D3783%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3783,3783,3783,3783,3783%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D37%26emuc%3D0%26emb%3D36,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D9241%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7680;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=midpoint&ad=15&vi=100&d1=vpaid&fv=3&stk=1&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=sec10&vi=100&d1=vpaid&fv=3&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
aclk
googleads.g.doubleclick.net/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/aclk?sa=L&ai=CbVOCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKkCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvaGR-4lEfhyZPn0a83Dy7WXTvkKW9fJ_QBUjJzA-_JffvR6fAS-xg93jhD1ystgzzSVpc29ajtf-HhAULEVwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTixCXObfLKnRUnlgAoDmAsByAsB0AsPsBOG1YMP2BMC2BQB0BUBqBYB-BYBgBcB&ae=1&num=1&sig=AOD64_2-wiH0jPuCC6L7l1EwzuzRY0Vq8A&client=ca-pub-7521520845913646&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=https://www.visitqatar.qa/intl-en/campaigns/paris-saint-germain-psg-team-in-Qatar%3Futm_source%3Dyoutube%26utm_medium%3Dvideo%26utm_keyword%3D%26utm_content%3DWGK-GINI-15SEC.mp4%26utm_campaign%3DPSG-WGK-Apr22-YouTube-Germany&ctype=110&label=video_10s_engaged_view&ad_mt=10175&acvw=sv%3D925%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26tos%3D10211,0,0,0,0%26mtos%3D10211,10211,10211,10211,10211%26amtos%3D0,0,0,0,0%26mtos1%3D3897,0,0%26mtos2%3D3783,0,0%26mcvt%3D10211%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10211%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2200%26pst%3D480%26dur%3D15000%26vmtime%3D10174%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2531,2531,2531,2531,2531%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D49%26emuc%3D0%26emb%3D48,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D11772%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10211%26ss0%3D0.04%26ss1%3D0.04%26ss2%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1651379264864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
watchtime
s.youtube.com/api/stats/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.175&rtn=15.000&ns=yt&fexp=44754609%2C44757675%2C44761692&el=adunit&cpn=F4fgioLb910xjrQC&docid=_tQ6lP04PRo&visitordata=CgswaEJMY01nN3Iwdw%253D%253D&ver=2&cmt=10.175&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=101.0.4951.41&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime75&ad_mt=11436&acvw=sv%3D925%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11472,0,0,0,0%26mtos%3D11472,11472,11472,11472,11472%26amtos%3D0,0,0,0,0%26mcvt%3D11472%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11472%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2613%26pst%3D480%26dur%3D15000%26vmtime%3D11436%26dtos%3D3792%26dtoss%3D4%26dvs%3D3792%26dfvs%3D3792%26dvpt%3D3792%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3792,3792,3792,3792,3792%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D55%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147479553%26psv%3D-2147479553%26psfv%3D-2147479553%26psa%3D0%26ptlt%3D13034%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11472&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D925%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11472,0,0,0,0%26mtos%3D11472,11472,11...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D925%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11472,0,0,0,0%26mtos%3D11472,11472,11472,11472,11472%26amtos%3D0,0,0,0,0%26mcvt%3D11472%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11472%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2613%26pst%3D480%26dur%3D15000%26vmtime%3D11436%26dtos%3D3792%26dtoss%3D4%26dvs%3D3792%26dfvs%3D3792%26dvpt%3D3792%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3792,3792,3792,3792,3792%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D55%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147479553%26psv%3D-2147479553%26psfv%3D-2147479553%26psa%3D0%26ptlt%3D13034%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11472;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=thirdQuartile&ad=15&vi=100&d1=vpaid&fv=3&stk=1&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:57 GMT
server
ATS/9.1.0.46
ptv
ib.adnxs.com/ 		85 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&us_privacy=1---&cbb=1379277527&imp_id=0c3c97a7-5446-4227-9574-254ee9edefb9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:57 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ae8f7dc-d05a-485e-8688-1e631cd8c52e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1651379277527&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C626a7b5c1576bc4c20574e49%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C608e90cf34acc10fb7767e4a%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C0.71%2C%2C0.21%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222202728a3dbe3b9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223af1d1d286c6ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3209b8a06c6becb0715696831321d2197d8e51968acc890bd64e8f1cd55124d7

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:57 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 01 May 2022 04:27:57 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8a215afc79238036d5579c726bb051f6f0d89d4e8f2cac3ffdabb4499c86b8f

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ec2a84e81e3d3afa7ab466d94fb57df1db32ea7300c4850ae95f089878f093e7

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:57 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 01 May 2022 04:27:57 GMT
X-SpotX-Timing-Transform
0.000253
X-SpotX-Timing-SpotMarket
0.003243
X-SpotX-Timing-Page-Mux
0.000810
X-SpotX-Timing-Page-Require
0.000282
X-fe
140
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.007602
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000251
Last-Modified
Sun, 01 May 2022 04:27:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003243
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002723
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1651379277661&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 6386 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B9FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 762D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 7E7F 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FBC9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6386 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2703165017572288&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3013835890&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379277935&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=1714726603673784&ged=ve4_td16_tt14_pd16_la16000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts13_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7E7F 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=878265157190542&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1459388357&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379277940&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=4358935082834881&ged=ve4_td16_tt14_pd16_la16000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts0_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&us_privacy=1---&cbb=1379278210&imp_id=74c6c66f-cc26-4ae2-98c1-8b1c0dd30517
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 May 2022 04:27:58 GMT
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
536d75f5-18ad-4df5-9375-01fa1d6c6a96
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1651379278211&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24%2C626a7b5c1576bc4c20574e49%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C608e90cf34acc10fb7767e4a%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C0.71%2C%2C0.21%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 01 May 2022 04:27:58 GMT
server
ATS/9.1.0.46
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
70eb88a928ca33b4528e88f6b8b52242fb490607a670f89d8e3ba8f1527575f1

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.69.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-69-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5887e672849c2541412e814b40aab0feddf750308da615d3bc8f54bd845bef1a

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 01 May 2022 04:27:58 GMT
X-SpotX-Timing-Transform
0.000308
X-SpotX-Timing-SpotMarket
0.003447
X-SpotX-Timing-Page-Mux
0.000885
X-SpotX-Timing-Page-Require
0.000317
X-fe
039
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.010793
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000292
Last-Modified
Sun, 01 May 2022 04:27:58 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003447
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.005507
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22384c290746d770d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2239730a08ec617df%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26a8af10330ea121a770b1a034fd9c302985cf4ab31ffe44678b3d3302a665e3

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:27:58 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 01 May 2022 04:27:58 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 01 May 2022 04:27:58 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=58698&t=1651379262&cip=146.70.117.69&sn=Email2&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=85797300695&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1651379278310&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 1D79 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B9FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4313 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 776E 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E119 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 May 2022 04:47:12 GMT
delayplay
s.youtube.com/api/stats/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=44754609%2C44757675%2C44761692&el=adunit&cpn=F4fgioLb910xjrQC&docid=_tQ6lP04PRo&visitordata=CgswaEJMY01nN3Iwdw%253D%253D&ver=2&cmt=13.308&fmt=18&rt=13.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=101.0.4951.41&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 1D79 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1637854596312141&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=497450084&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379278588&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=3954329771351090&ged=ve4_td17_tt15_pd17_la17000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 776E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22662187259%2FSMG_AirNow%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1748138664718563&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2077799955&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=60B36B2B-B73F-4310-8990-5AA702C215E3&nel=0&eid=420706097%2C44757675%2C44761692&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffriday_the_13th%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_May22_events&dt=1651379278593&cookie=ID%3D35ecfce485a8d746%3AT%3D1651379259%3AS%3DALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g&scor=4338526363845208&ged=ve4_td17_tt15_pd17_la17000_er1157.320.1309.620_vi0.0.1200.1600_vp28_ts0_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.203.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-203-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 May 2022 04:27:58 GMT
aclk
googleads.g.doubleclick.net/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/aclk?sa=L&ai=CbVOCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKkCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvaGR-4lEfhyZPn0a83Dy7WXTvkKW9fJ_QBUjJzA-_JffvR6fAS-xg93jhD1ystgzzSVpc29ajtf-HhAULEVwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTixCXObfLKnRUnlgAoDmAsByAsB0AsPsBOG1YMP2BMC2BQB0BUBqBYB-BYBgBcB&ae=1&num=1&sig=AOD64_2-wiH0jPuCC6L7l1EwzuzRY0Vq8A&client=ca-pub-7521520845913646&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=https://www.visitqatar.qa/intl-en/campaigns/paris-saint-germain-psg-team-in-Qatar%3Futm_source%3Dyoutube%26utm_medium%3Dvideo%26utm_keyword%3D%26utm_content%3DWGK-GINI-15SEC.mp4%26utm_campaign%3DPSG-WGK-Apr22-YouTube-Germany&label=video_engaged_view&ctype=110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200034;
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=200034;?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C699 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBWCCQAxuYuH5EJDO3gPa-q6QAq39w-lpyr7Mi48Q1caW5ZkFEAEgsK_iH2CV4pCCoAfIAQXgAgCoAwGYBACqBKYCT9BuEpdzdzyifJNPlv-MIpbiupN-wj3GzC3n1_eKjhlQIeLtFaMRdJ_9AtixiNfOP1VgxKHF8aFkamE3uDs6NPLOJqxoh1_1Qfl7Qa1h9bdRod2gdQE61wKHRD6TKOdk46tUIsN9nwJgnyjGMqXOvECq96mR-UDsnwZyRzTVwmCq2UEB-vyRgTJOUx1EXjhqG-oaycX566NNUycMeadutit85W00U0ZuDC9gKmx1WGgD1dOi2r3q9Mw0Kq7o6MYeQ1Nq8F69TnwX19F2ZVtwm-J9iSYcs-b-OlqimQxt-GUqxpraM8bANP7qGvbeRnTQgmo09hlXxYBPZegR8tiO5-hQKj_Nc_zc8UFVV-yI5aCfQpGkmD7tJkiv8K1gdtuRctnJTjXMwASbsdrC_QPgBAGgBlSAB4ut8vsCqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE4bVgw_YEwLYFAHQFQGoFgH4FgGAFwE&sigh=L1EV8or6bjI&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime100&ad_mt=15000&acvw=sv%3D925%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D15058,0,0,0,0%26mtos%3D15058,15058,15058,15058,15058%26amtos%3D0,0,0,0,0%26mtos1%3D3897,0,0%26mtos2%3D3783,0,0%26mtos3%3D3792,0,0%26mcvt%3D15058%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15058%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3489%26pst%3D480%26dur%3D15000%26vmtime%3D15000%26dtos%3D3586%26dtoss%3D5%26dvs%3D3586%26dfvs%3D3586%26dvpt%3D3586%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3586,3586,3586,3586,3586%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D71%26emuc%3D0%26emb%3D70,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147418113%26psv%3D-2147418113%26psfv%3D-2147418113%26psa%3D0%26ptlt%3D16619%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15058%26ss0%3D0.04%26ss1%3D0.04%26ss2%3D0.04%26ss3%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MzgwNjY2NzU5NDIMNTk0ODQ0OTYxNzU3QNYCUiAQDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I7AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D925%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,16...
ade.googlesyndication.com/ddm/activity_ext/ Frame C699 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=16871536575044664482;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D925%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D15058,0,0,0,0%26mtos%3D15058,15058,15058,15058,15058%26amtos%3D0,0,0,0,0%26mtos1%3D3897,0,0%26mtos2%3D3783,0,0%26mtos3%3D3792,0,0%26mcvt%3D15058%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15058%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3489%26pst%3D480%26dur%3D15000%26vmtime%3D15000%26dtos%3D3586%26dtoss%3D5%26dvs%3D3586%26dfvs%3D3586%26dvpt%3D3586%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3586,3586,3586,3586,3586%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D951%26femvt%3D0%26emc%3D71%26emuc%3D0%26emb%3D70,0,0,0,0%26avms%3Dexc%26qi%3D904672412%26psm%3D-2147418113%26psv%3D-2147418113%26psfv%3D-2147418113%26psa%3D0%26ptlt%3D16619%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15058%26ss0%3D0.04%26ss1%3D0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1651379264864?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame C699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=20&st=10.175&et=15.000&final=1&ns=yt&fexp=44754609%2C44757675%2C44761692&el=adunit&cpn=F4fgioLb910xjrQC&docid=_tQ6lP04PRo&visitordata=CgswaEJMY01nN3Iwdw%253D%253D&ver=2&cmt=15.000&fmt=18&rt=14.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=101.0.4951.41&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::8a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=86026&t=1651379261&cip=146.70.117.69&sn=&tgt=0&osv=10&bv=101.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1651379261103-993207081315-006267-015-006377&cha=0.1&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.16&cb=39105872775&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&asid=611edcf789a5c676521f6272%7C613476638d66832318703f04&pid=611eda6c0903a33c051dbc64%7C58fcbed1073ef420086c9d08&cid=611edd025340b7439c55794f%7C611edcb8be37e2439735ab26&h=379fbb5de3fd3d2a6c668fe344032f9224e36006&d9=1000&ad=15&vi=100&ofpr=5&imid=cdd166656a8584c2b3e47bdf0a584b75_1723153239_11731286_1&e=complete&ad=15&vi=100&d1=vpaid&fv=3&stk=1&cb=1651379263236
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.240.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-240-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 04:28:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C699 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=complete&format=TRUEVIEW&lid=143&sdkv=h.3.512.0&e=44754609%2C44757675%2C44761692&id=ima_html5&c=8202240543225&domain=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 04:28:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

466 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| getCookieVal number| isMobile string| HUMANScriptURI object| hmn_script function| $ function| jQuery object| FB object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y boolean| ozoki_sv object| $$$ string| saved_tc string| saved_sc string| ________ok number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| json_path object| dataArr object| userdataArr object| newest_id_arr object| latest_id_arr object| videos_id_arr object| postcards_id_arr object| animated_id_arr object| rating_id_arr object| views_id_arr object| curshow_id_arr string| disp_by number| disp_count function| subcategory_init function| fetchData function| manageData function| showHTML function| showPaging function| showSortPanel function| do_LatestAlgo function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n string| cat_q1 string| sub_cat_q1 string| page_url string| site_rtn_overlay object| adsbygoogle function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager number| offset object| jQuery111105662432706522136 string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| miCallback object| google_llp number| google_lpabyc object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| config_data object| aniplayerPos number| sm_AV611edd82ba4f701d4d14c7dc object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| AVEvtMgr function| avPlayer object| storageAni object| avntsWebpackJsonp number| avnts_player object| avntsQ number| end boolean| isopen boolean| flag object| boxFunc object| GoogleGcLKhOms object| closure_lm_76701 object| closure_lm_312318

103 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQqNv_7ocwCgoIgQIQqNv_7ocwCgoI4gEQqNv_7ocwCgoI5gEQqNv_7ocwCgoIhwIQqNv_7ocwCgkICRCo2__uhzAKCQg6EKjb_-6HMAoJCAsQqNv_7ocwCgoIjAIQqNv_7ocwCgkIXxCo2__uhzA=
.123greetings.com/ Name: utm_source
Value: Email2
.123greetings.com/ Name: _ga
Value: GA1.2.1102668645.1651379260
.123greetings.com/ Name: _gid
Value: GA1.2.1101601566.1651379260
.123greetings.com/ Name: _gat_gtag_UA_5085183_1
Value: 1
.facebook.com/ Name: sb
Value: OwxuYsBhyFo81R108FYryyYs
.facebook.com/ Name: fr
Value: 0E13vFQenbPACNJa0..Bibgw7.Ne.AAA.0.0.Bibgw7.AWXB0Uc2_0Y
.trkn.us/ Name: barometric[cuid]
Value: cuid_a6c96a53-7db9-42f8-a8f3-3f7912e55428
.doubleclick.net/ Name: IDE
Value: AHWqTUlgZk3yThcN5CWBT4dXY-Q1smDpgpodm5cWLwu8UXXZzbI0BhXRujIfx6lhwKo
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
.yahoo.com/ Name: A3
Value: d=AQABBDwMbmICEExvZJxj5CHSzTH__bT9vtMFEgEBAQFdb2J3YgAAAAAA_eMAAA&S=AQAAAsAb0qL10HiolGphUBVJtes
.adnxs.com/ Name: uuid2
Value: 1546037284600551829
.advertising.com/ Name: APID
Value: UP09aa6aec-c907-11ec-bd34-02087eb080fc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPS
Value: 3165
.spotxchange.com/ Name: audience
Value: 09ae2740-c907-11ec-8adc-19bfd3920306
.casalemedia.com/ Name: CMID
Value: Ym4MPFKT-l8EbcsviYHnjgAA
.casalemedia.com/ Name: CMPRO
Value: 1191
.serving-sys.com/ Name: A6
Value: 10MIfYwMOb1008b3000010000
.serving-sys.com/ Name: eyeblaster
Value: RES=32
.serving-sys.com/ Name: u2
Value: fbaf37bf-cb69-4059-b9fb-dcabe455083a4GF06g
www.123greetings.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.owneriq.net/ Name: si
Value: Q7046656612074283696
.owneriq.net/ Name: p2
Value: cc
www.123greetings.com/ Name: aasd
Value: 1%7C1651379261927
www.123greetings.com/ Name: __aaxsc
Value: 2
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY1MTM3OTI2MnZsZWExZGUyMDIyMDUwMTA2Mjc0MjY3OTIyNzk5MzQxWDExNzY4M1YxMjI2MTMyNzAyTVNvbmVpZDVyZVNYZjRFc01la0ZwSDdITXQzdEVFMWNFVFZUemVGMW9uZWlkX19hc3VpZFUtOTdyU3RhZDc1aFEwdDN0dy1Wdjl3UjVyUnFQSnQwYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY4Mw
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022050106274267922799341X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY1MTM3OTI2MnZsZWExZGUyMDIyMDUwMTA2Mjc0MjY3OTIyNzk5MzQxWDExNzY4M1YxMjI2MTMyNzAyT
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY1MTM3OTI2MnZsZWExZGUyMDIyMDUwMTA2Mjc0MjY3OTIyNzk5MzQ1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFI1WGZnZjZRRlgyN1RrSHdIM3RRdGRkQUZ3VHpUN2dzN29uZWlkX19hc3VpZFUtOTdyU3RhZDc1aFEwdDN0dy1Wdjl3UjVyUnFQSnQwYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExMzc1Mg
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022050106274267922799345X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidU-97rStad75hQ0t3tw-Vv9wR5rRqPJt0asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.aniview.com/ Name: aniC
Value: 1651379261103-993207081315-006267-015-006377
.aniview.com/ Name: 2_C_55
Value: 1546037284600551829
sync.aniview.com/ Name: 2_C_55
Value: 1546037284600551829
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0sDSzMDUzMjYwMjSyMDM1sBTiM9Q1M3Q2SvVKtMgq90yT4jU0MzU0Nrc0MjM2tTQBANI2ISE0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmpobG5pZGZsamkCAHgJ90cQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0sDSzMDUzMjYwMjSyMDM1sBTiM9Q1M3Q2SvVKtMgq90wDAPKY_j8lAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ym4MPwAF_NNNZQAZ
.mathtag.com/ Name: uuid
Value: 930c626e-0c40-4400-90a8-8bc76f51a7cb
.123greetings.com/ Name: __gads
Value: ID=35ecfce485a8d746:T=1651379259:S=ALNI_MYgadiM4bZuX8zaUW2eQXIE070c4g
.adnxs.com/ Name: anj
Value: dTM7k!M4.FCxrEQF']wIg2Il`dmZjh!fsu$D6cqDih-:-1(K)7rLo%Xr0=wXYl%wrE+zsBE[VVoo95[fUGdT3^a4y=fdZVz!AXTO:4=sB!$zfq0RJ/L
.adnxs.com/ Name: icu
Value: ChgI_a5rEAoYAiACKAIwwJi4kwY4AkACSAIKGAiTwW8QChgBIAEoATC9mLiTBjgBQAFIARDAmLiTBhgC
.3lift.com/ Name: tluid
Value: 4371676325186298398705
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FF1D9476-88A9-4C9C-9E30-4F3D4D8E86F8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 157512:2
.pubmatic.com/ Name: DPSync3
Value: 1652572800%3A201_197_219%7C1651449600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1652572800%3A81_13_88_161_54_8_243_55_220_56_3_71_166_204_99_222_21_7_22_165_176_233_234_238%7C1651968000%3A15_223_2%7C1653955200%3A203%7C1652659200%3A35%7C1652227200%3A63
.bidswitch.net/ Name: tuuid
Value: 51257f17-272e-4d05-9dbe-a8638928e7d9
.bidswitch.net/ Name: c
Value: 1651379269
.bidswitch.net/ Name: tuuid_lu
Value: 1651379269
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMST
Value: Ym4MPGJuDEUA
.bing.com/ Name: MUID
Value: 3581061C223A6B261C0A178B23E86AD3
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~24ms:1762~24ms:194o~24ms:18z8~24ms"
.adform.net/ Name: uid
Value: 5867207847807012380
.adfarm1.adition.com/ Name: UserID1
Value: 7092619953649940623
.quantserve.com/ Name: mc
Value: 626e0c45-3167d-dd6de-4c99c
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d0246778-8aef-5279-8b3d-b8fce953b4b9
.betweendigital.com/ Name: ss
Value: 1
.onetag-sys.com/ Name: OTP
Value: T2aSgg8DvPVmHe8bMuZDgmCBqOfzdEsDxny7-kbcBQk
.onaudience.com/ Name: done_redirects161
Value: 1
.simpli.fi/ Name: suid
Value: 0789098101194AE0A968BAB3F68602C1
.turn.com/ Name: uid
Value: 3996497992623945187
.de17a.com/ Name: guid2
Value: 1.7889732887532466800
.rqtrk.eu/ Name: browser_id
Value: 1:ffaa239e-3809-41af-99d0-688b895cfddd
.adsby.bidtheatre.com/ Name: __kuid
Value: b40261cf-859a-4c7f-a1f4-0a767c177238.420593269
.quantserve.com/ Name: d
Value: ENABEgGEJvijC_vLEA
ads.playground.xyz/ Name: connect.sid
Value: s%3At4716CCnU9C48ZktiCmzGiz5RStp0OWw.JkNvo5XvxNI4hQxq1vkcU1imK7Cii4Nu%2BiGpuyVs3fo
.betweendigital.com/ Name: ut
Value: Ym4MRQAEFuB-JpmfsqNJO-L6rTkXswZEN58ilQ==
.onaudience.com/ Name: cookie
Value: 7b2cf66481e722d0
.onaudience.com/ Name: done_redirects104
Value: 1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e8e7ba8e-3f4b-4a72-831a-793a886f6af6"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTEzNzkyNjk7MjswMjHDNHUtGbV66OWhQAqYGISo+wFjoNNx3qrTsF6+GrOEZA==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2714:u=1:x=1:i=1651379269:t=1651465669:v=2:sig=AQG2XTdJKLzd6GkDQvAXBuFiHOMV3V7K"
.bidr.io/ Name: bito
Value: AABkOU7E3BkAAD0neDNPBQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7092619953649940623
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Ym4MPwAF_NNNZQAZ&KRTB&22978-Ym4MPwAF_NNNZQAZ&KRTB&23194-Ym4MPwAF_NNNZQAZ&KRTB&23209-Ym4MPwAF_NNNZQAZ
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&KRTB&16736-uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&KRTB&23019-uid:930c626e-0c40-4400-90a8-8bc76f51a7cb&KRTB&23208-uid:930c626e-0c40-4400-90a8-8bc76f51a7cb
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3564152428396377571
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3134622568505817588&KRTB&23263-3134622568505817588
.brand-display.com/ Name: _knxq_
Value: eb5d822e-2a3f-d309-468a5fe5.1651379269.0.1651379269.1651379269
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-51257f17-272e-4d05-9dbe-a8638928e7d9
.onaudience.com/ Name: done_redirects147
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 49626e0c3f05a0&9c626e0c4505a00&58626e0c3f2760Ym4MPwAF_NNNZQAZ&ce626e0c3f05a0&51626e0c4527605kv9B-Aa_1f9SvpU5x3mBrRPrwf9Tahb6RrsizkO&41626e0c3d05a0&2e626e0c3d05a0&03626e0c402760930c626e-0c40-4400-90a8-8bc76f51a7cb&11626e0c3f05a0&82626e0c45a8c0&04626e0c4505a0&2d626e0c3c05a0CAESEC24kOHUZhPHWb4f5eNm430&39626e0c3f27605109685623021286509&40626e0c3f05a0&e6626e0c3d2760&bf626e0c450001eb5d822e-2a3f-d309-468a5fe5&1f626e0c3d05a00&f1626e0c4505a0&c4626e0c3d05a0&27626e0c3d0b40&da626e0c3f2760&5a626e0c4505a0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-24d531f9-c1fc-4d76-7cc8-886a597faa2d.F6k7rik2NpGFWM8biuCYdsR827SPHALW8XZEK%2B%2FmJn4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJNUx-cH8TXZ8yIhqWX-qLZJGdUU.JE9%2F%2BfQb4FoX5zyZcjJ8teg2B%2BNOrkHmzhPkwJ2wOrg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-JNUx-cH8TXZ8yIhqWX-qLZJGdUU
.tribalfusion.com/ Name: ANON_ID
Value: a6ns6EMZaAC6pqGpS71sstdGVv6PL7nISfaf5nL2lRyvZdyO5JbOIaauyLRqZaatwfsHvV0mFq7qZdmEvqL0yfBZc
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEB8rcwn86bLXMrlK2C7s534&KRTB&16514-CAESEB8rcwn86bLXMrlK2C7s534&KRTB&23025-CAESEB8rcwn86bLXMrlK2C7s534
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-&KRTB&19420-ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-&KRTB&22979-ytznN8yN5WfR3eBky4r8NpjYtTfR2rJrxY1vNZW-
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1546037284600551829&KRTB&23339-1546037284600551829
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7889732887532466800
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-7GPoEAlsThXjMUUWSbnTXXQa
.pubmatic.com/ Name: PugT
Value: 1651368693
.pubmatic.com/ Name: SPugT
Value: 1651379270

11 Console Messages

Source Level URL
Text
worker error URL: blob:https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/5c9d44be-0ac6-4454-801a-eafa8bd3cd42' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js(Line 100)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js(Line 100)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js(Line 100)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_218_3_0/ebHtml5Banner.js(Line 100)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e0bfdd437127fe83ac5e6fe9b10ae54.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
avm.avantisvideo.com
b1sync.zemanta.com
bs.serving-sys.com
bttrack.com
c.123g.us
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
events1.avantisvideo.com
fonts.googleapis.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.123g.us
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
l3.aaxads.com
lm.serving-sys.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.selectmedia.asia
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rr3---sn-4g5e6nzs.googlevideo.com
rr3---sn-4g5edn6y.googlevideo.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.cccobh.com
s.tribalfusion.com
s.youtube.com
s0.2mdn.net
search.spotxchange.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.avantisvideo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
tg1.selectmedia.asia
tlx.3lift.com
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
trc.taboola.com
trkn.us
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
web.facebook.com
web.hb.ad.cpe.dotomi.com
ws.rqtrk.eu
www.123greetings.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.maqors.com
www.telefonica-partner.de
x.bidswitch.net
hbopenbid.pubmatic.com
104.102.29.65
104.36.113.107
104.90.104.248
104.92.100.195
108.138.3.177
141.94.170.64
141.95.171.139
142.250.185.194
142.250.185.66
142.250.185.98
142.250.186.98
142.251.36.70
151.101.1.108
151.101.129.44
151.101.130.49
169.50.137.182
178.250.2.151
178.62.202.251
18.193.145.56
18.194.227.226
18.194.39.232
18.215.121.182
18.66.97.25
184.72.244.154
185.183.112.148
185.64.189.110
185.86.139.106
185.86.139.94
185.94.180.123
185.94.180.125
188.42.191.196
192.132.33.46
193.0.160.129
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
2.20.85.164
2001:678:cb4:bbbb::11
204.237.133.121
209.54.176.128
213.155.156.180
213.19.147.45
216.200.232.249
23.205.239.15
23.205.241.117
23.35.236.201
23.75.246.168
23.88.75.187
2600:1901:0:76b9::
2600:9000:223e:6000:3:748e:7940:93a1
2600:9000:223f:bc00:8:9ed9:9c40:93a1
2600:9000:2490:3200:1c:38a0:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:4400::6812:230b
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:4c::8
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:800::2016
2a00:1450:4001:801::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:f::8
2a00:1450:400c:c00::9b
2a00:1450:400c:c1b::8a
2a02:26f0:3500:c::5c7b:6843
2a02:26f0:b600:188::2c79
2a02:26f0:de:38b::2c79
2a02:fa8:8806:12::1370
2a02:fa8:8806:13::1370
2a02:fa8:8806:16::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:d29:3605:c9e0:96ce:8ce5:2ad7
3.126.56.137
3.232.80.154
3.33.220.150
3.69.141.3
34.102.253.54
34.111.151.213
34.237.23.137
34.98.64.218
35.171.240.250
35.244.174.68
37.157.2.236
37.252.172.123
37.252.173.38
44.231.203.220
46.236.13.147
46.4.62.19
5.161.47.120
50.31.142.63
51.178.20.139
51.210.112.63
51.75.146.160
51.89.9.253
52.19.107.252
52.19.198.230
52.213.127.205
52.28.203.152
52.57.69.5
52.59.8.244
54.154.135.58
54.225.147.131
54.243.78.84
54.72.0.164
54.78.254.47
66.155.71.150
69.173.144.138
69.173.144.139
72.251.241.196
72.251.249.14
76.223.111.18
78.46.85.162
8.249.23.252
8.250.188.124
84.200.5.215
85.114.159.118
92.123.225.41
0089aa050b89192e6bb4f33c9ca831d4215f30a24cff294ed17a1a187131e267
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
01b56286bcbb811853dc20ca78706e4a9657dd4e07aa19f893ab7d3e0ff2259d
027bebdc66e1b93137d273034437d1e31f409abc678f455a233d50d8e8386a41
038990a31a4aaa0f5d230589d93320b6f51f5c5cc522d8b43acd6db2bf9e2426
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ab6d4b2d4f6660e0cc5106868e09a73e955c90a0dbec418cb63bae5a04a713b
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b79508b243b999e71169eafb9da87dd884fca915bf6aade2804d95749fdd327
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba635a404c78c9b872896285d081d72a1c6a85262593e8896c5e29f8845fc0e
0c4538d97d55856f94cd19d0b65d629faad54c6898eeecd82021b6d347727803
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0eb7be9de4d6cddb068e22e45af64ba0d63ecc4589e130104bdd755e735bcc09
1245dccc24172ea7ab5792b2eb12405ac8b1b53f3fef8780e2d1d445877f8188
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
15a2a4988264a8573fe8916288d37fc69d656b6b6fad056dad08558437bcd828
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a3c4de768fca8e04fb15f683a1a56533841c540755cca1ecf4dd8ab6c9d003
18f84ce0a20450e757473d5ca655656ca9c094aac8e357df96764c79805721d6
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
192936c24048b5288ea27ffa31f8e39d0a1fcca839844d879f1e6346243ffbf4
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1ab2c95accca9a636a2b27033023c217c7076b4383560a780f3b2725e2ff1277
1b06a05f49b9b75bf1aaf6c22b962d17e7a864d2723b62cc59a206683f3153bc
1c3896549729445a66265426c1b92cfc91a8516f495db0b821382101aff2d98c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d3bb5a80fa39b7d74daf4c3b88f346d1569cdaa467442fefe3b3c9bb7895baa
1e5d98f91f8e7be1e8fd176b3d85a0fdab01571c60d031652ad3151085b9eb45
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1fc8bb950072664926ad5a69f5596625e161ce11cd91ab3b40738d899f62f3ba
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214653d9bf3d559a60293ffbca1a64f6d18243fd4003abf30bb17fd02150fe77
215f500ae1db630213530e7682c7bc7c64a72a85b8e3e51c9b56a97436d9e05e
2185e02db13ef019ffe2fb1e718be3060b9675373218fd20181d238fb79c5145
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
246aed237957e138b57bd8d77d62cd8f8cd51b40d68a448849773a5196e732e7
2509fe7526a049b1f538f3e12f57aeba33b64acd4ed219adb5b5f61ef3f1d83d
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
26a8af10330ea121a770b1a034fd9c302985cf4ab31ffe44678b3d3302a665e3
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
282e6548c56f8ae5d6c8eac90942853dabd60a2c5d332233cd564e870b223e1f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a819f7f8b1d7cce2d88518e415593bdc4f3b22053f5db71bdef72de6bebe9b9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e70b95187413dd77af768241edb06048a29166119b2f2601bd7b0bbebbedf48
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2ede4eab1ac646c566e7b85a73b9f7c25ca917a17545a47985bdc9e84264b5db
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
307442763bca67c55bfb28750ffc8f9fda11490cd14cd3695d843fb5f6a9d8b7
30adf3e12b9886a1aed3773323e48982f54cd0618cc13e2f8c7ed3163f4aa2c0
31b57cced8b5126b4f8ce6063b0f2ea7174c2bf57af16a536b959e63b23d4154
3209b8a06c6becb0715696831321d2197d8e51968acc890bd64e8f1cd55124d7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34a1c9fdb08fb832504d0cab26e246ebbee2f0d4a9fb0d18a04ee7a9d6f6973c
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247
357f039483b1c2188c6b73f18340a5303b64f027f13116c10e712dcf73fbe06b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36501dd26dadae5cbe8dbc7eb24dfa4146e64e29cca11136143371656e41d353
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375b5a17e2fb4c94819609c1fd75be3c1d495ba2917787690e8a60cabd37d8cf
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c035b53146c5836ad15fd76a3ad6a88eacc79223ac85cb46f09feb20f9666fb
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3ce398998e75ecd70d191947c30c7fa0adc813748f2f1ff7e17f1ef397101970
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9506e3741d9628c39e69b189dfdd45109d7de811ab0ae51adca72f4add3081
3f299277f3369985616a54567b4d94b6518dd405b5ab7394a5d42091980798ff
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
44d0c6f13eb885d7b2357ca0670b795e463a5e3f204383b3cddf94cc02b18407
4879687d5f38f71840f8c315bbaa3403988c1ff05f74b8d7f9f63217a4efe6d3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b45376f36aec66b009e495643e5fd133d082a4775094058afeae2a0bbaf4c8f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be90111615f586210f97158ff737e77f0dc23ad27b728369e56ac8fa309c07d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
528c7acac437c2c1cdc666bd4a4d45e213af84c94920f03fd2e7292065f5616d
532faddcd31288f0b8f13dd549def0f47ec993f3208af655cd488ff0b0d4b964
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
542520da967ebd7a88f4c33785f5a293a692e5e302a2a0705d338a915f9f5dad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5887e672849c2541412e814b40aab0feddf750308da615d3bc8f54bd845bef1a
59c5f94aa27f31973be9512c7d1a3f525b0ffe6aecbfe120b7ae787decf975f0
5a51eeb2f1f3b67cce3a83025073a20cbd9ee28dc32a0d3ecf1f60069f1b67ac
5bd55767f80992a8a44265147ff1067ef28dbf8559685f358254fe5f6b38fd35
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4bbed69def281dd2ada59fd5852c8425fef0b51b75d6ff589f0b771748d763
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
604e756cac3d6fb6bb83d57f20bdd33f9ad557b405adef04edfabbb8edab739a
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fe164905b076da2afe07cbc78ac94205a1051607dddf37aab5316e7787c084
644e32e5b4393a7fb78af2ac90cc1e45112c1e9993daf50b5e4314a95272b71d
658f5a1d03b4252bf444f01f270804714aeb52d50c5ebbbecb139cffbfd5c5d9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6a7db5e52cc2c0acd177bbb82cecc81ee3cfe8bddbe2e78f1c9cb057ef14d759
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c05bffc05b2e0aa6624410cc165e71b8bfb142c194445d4f562697525952885
6d92c348b2211f148347f619033982109eab7b58e641e19d907bf51535de2f00
6ec673d424147e19640e15aa01cc5d7fcded63feebc1db7a75e91cbbfd2f1151
6f47e989e3efc48ca7951f0d73e88d48116bb57bd39217af1c7d8529c58d6dad
70eb88a928ca33b4528e88f6b8b52242fb490607a670f89d8e3ba8f1527575f1
70f19923577630c8229e44ea4087938a33048173f1ff2e131799266d688e9e49
71190962c30ce4f939a80750acbf377bf3db13baad60285be9a321d0ac0d87c0
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
73a50b6f3b628120b6f984c37e7e74d9ba25576d0db9fe71935cf887da45b250
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
768f4c95d99e932e9205cca261eef5aaf6f3bb89e70929834708277308fa09c8
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a09493f02c721c7da3e052ef25b795e29c2de806cfc9135e0bc7a6710134c41
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7b52e3c4c37ea20ba19251a2d6a41793d3cf0a84a612a0618dbdba55fc555e9e
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7ccacaa54099a7d166556e98bd472ed1d53186bcb5fffc692f5135d34cbefd8f
7d244c73005602f928ad42e9fa25b2c1709390c01ab3ca8fd6a629807dcb937e
7f170da7913dbfa8716275574ab8ae59798322a2b1da826648bdccdc213bddb6
7f56b29cee053c5e5320fcd9ca9c5697dc170733c630b676100c6006c9b36c54
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
817ff24cc14385328aeb2c2d8791c71a00ca86c8c8bf10cb7f5c22ea45e94fde
82b5aeb337e8e379d5ad72caf88872457e48f21b9a9dfc3dda30f13def8ba4bf
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e70a73f5a2305cbf2a287536de05e35eba2f82aba11a1a4e5e472088081833
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac0402e8c97eea3d5e57940de5f297bbfb84740ff27420f20d04c0b6f765168
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b00cb761b0ae571d73c011c8fbc4c05da055990969971a9b81ae5e4d1a3c7d6
8b995acb1547188a5ab8e51c1b1cb94e29b108015f799e6865d04393faef7f21
8c4998e371586b5eaf99d433ccf82d26ead0770f2b9497067f09037fdcafa23d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cf2728f446b8c3fd9e58430b9b7552e54967097d6342495f3044db35796a067
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e18cf5d5256fe9f9b3352ac3dc7e1b98fcadf1e8dce823a44b1c2ba8b376e37
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
90885ecbd565f2511e2704714a6bdb36dbd4697faff1f766abe7c3ae55b40bc3
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
945fded9f02612352e9007f26cd06ced4831783ea659d649f4bc34aae5ee0480
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
9654cfbc4275cf90db09a8b45c858a583a3540d0b3ad66823f67fa2254cf1230
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97b976bbfa4e15abbd516446d1640883f6d34fe71c98bb1f43138a35490aedeb
981276f65cb1c345d1d051e87b6cc1b82424ea5aea1ddef1196eae6211c03f45
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d420c1b825184f098cba9cc45501cca1613e0ac75fa3549c4114dcd054e1211
9e860e08c06655c597a3ef22428c270bc88f67e3204c73cb2738490b193eab81
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a0faf076c9d9ea0ee9b8870e69dbb660866aec0ff5952c800e171b5781978727
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a31ee07bdb33459b639c2810db71e1c79d153db6a65d58bb1627b89efe39c343
a3b6aa5f719b969b5d843f5bb615948667b0f716676ec474e90bfdf46e3b14c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bd40ade200094216812a0b0b27814fe88c5a97d8d4a7be9cba95f87bf2c857
a4ca3306bea5dd0b61c441485218889c2cfb00ea53bca2c9e62d8e6137f8b9a3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b411acfdde1ff190ca897323d49b9121de73b66dbeb30bf22ef014f0644fde
ab72139e2ca040967d2a00e0c52d21ae4b6e2e0202480bd42d906668425b70be
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ad57643b8e4803bc348012d53eac978b3415de5c3318b4e3a43739f27b366ec6
adaa2f7ccf06f03867df7939007e0a4683401bc51da8107cad56c39751142a60
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
b073a4a2cf50a04ef23ca8b2d1550118a521729075a3eeb69312b46c9e6fde95
b123247822002fe5ab01c7ab7f626262883ca0713b79cf1eb0979e7526b1a488
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24a2cb5992e8786101b34359e5b00b71cb48f654cbe9d0eb74133a7e45a569d
b27ce925b6343707504930472b0860d9a545152372785d89de6d99c6f8d591bc
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbecd91771374126efdd9a910630ed889c8cad98018fd414ecc983e74e3f0fee
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
beb9d01b9c9ddaf513e7b662e9df1a29aaebb459523ec403ea4660835842fe69
c1f4c422e115e1f190b663b010a92ab8f0bec14498f898977174119d3dce2b4c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c465e4bb985e5293a834f6a1218bced00691220a32ac333fb347018fb9f28ddb
c553bc6d4197892195254f1cb42674c389d707ac0d14d5991498b71df387fb42
c65b1c64ad4e1945b0ecd28f71b805c5190a05a0966a99cfb91038e36197274b
c8a215afc79238036d5579c726bb051f6f0d89d4e8f2cac3ffdabb4499c86b8f
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d302bdc556dbce7f2f365a219fac9da0ef249e53e44bb556cb8da1317b8048b5
d33b903c44bb70da2884c690d75bc7495799c892e206091d467b4816ac9cba61
d4f5d3feece2539d8d11387e1a3f30c58c4c4a3c6a82d5d116c091297c63dbdf
d5e7fe037bb7459d1b87636aa59d5dc856b6ff8457a00e18617ec40fb0a87bba
d7af084f7787762162877eb52290c53601a9f2375228eda6f3b5bc2d8a0c6c2b
d87a9c310e37578476865ce94343cdb05adfd94c36b4ac7a032a5731b9587444
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9588c4fbccc38fb4223ad4661281867b1c097dad925efa7cef5a8fb73f2e5f3
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dad4127a2c2ec0b83670955fd8934c6b1ecf84a09bbdf8ce4cf64d48d920a660
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd048e8ef6171650aa358c739fd4b3edb8c886a4c04df73a745e268748585fdb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea7e06ad57330f892e2474399d24276e0471f3cc4fb5134e49ee00a507cc7a0
df70ced516eb51455e038e73c08ac0e7d93a7ada792d78fe63f283fddade31ef
e1c6e3e5c62149a5dccad432bd6f84d3d2e0ab9f82b34856384cd713de62f77f
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eefb6c364009953367722d6f06bc4663b55af72a7a7b692aeba0267cdc7926
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e84643fc18205b59cf0eb339124519aa415b5e2246b7950c824714a1871b53bd
eac60c83362750a3101e15416c9d9c5f08c1478f191be790244f30b57d969820
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec2a84e81e3d3afa7ab466d94fb57df1db32ea7300c4850ae95f089878f093e7
ece3a1c9922b670083163bf9a878072f60496d6c77f93982015855db78a06eab
ed305a0e1f7812046dbe0294dc8a9eaec13ac7d7ee50b630210347a44f180910
ed74ded0ef986fb21bb6e522b174ed9a742195f9cf36a0543b03679d155f11e0
ed7ed464c1ef2b95184d30f547a08edd1ca6f85108276288b17bcdd0a44e5752
ee2316027ec829664d19a7aba850fac1c9571868fe1b0e7ccf2785ba4b8223c0
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53f6cb96c4bf59cb697b4297baf02b95b2edf3bfa62de42183ad232ff85187
efccb1181f94d629db5671744538c5ed80ece8d5f684cdc2b4fb2353c6f4509e
f0714ed090a443ed91a091e279cdd153d7510c7fd624c6b89b9558c4596f944a
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0e66fb17a34fe78c7f08bc6e559d8bbcadf08e6f30d3989dd8251a6f887ac66
f0e8a5ff67d1afaad9ab1987a7d60448731b9671aca2886e67e8e806eb8dbbb0
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f1b1557335b5e08e96c3cb1eac7dcffd986b742766bc445b48898ec68097afc9
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f22e32e7a787b8ec71c6c83d3858722dac9d20886df80f85e6fd00671fe6f4eb
f280871ae5187ee2333454fb6a21207786e9026ccb0efc771baae5b8bf016175
f439da2b4f87dd3b7c06a31cb213dec434bc9a09e46d2b4920156f5920340a11
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5500d45b1c2ba33aed3bf5761885a8f15294a07be5012873dc0beab8b0d1fa5
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
fe6070c39e3a288a3d2820214e8c59c290e7cb7a5deee00b56142b37c89d26ab