urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.244.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Submission: On September 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 10 countries across 51 domains to perform 467 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 366866.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 184.72.244.154 14618 (AMAZON-AES)
21 8.241.45.124 3356 (LEVEL3)
24 8.249.63.252 3356 (LEVEL3)
2 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 34.240.117.131 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 3 3.228.232.15 14618 (AMAZON-AES)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
12 142.250.185.66 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2 2a03:2880:f00... 32934 (FACEBOOK)
1 2a03:2880:f10... 32934 (FACEBOOK)
12 2a00:1450:400... 15169 (GOOGLE)
11 2600:9000:249... 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
4 2600:9000:225... 16509 (AMAZON-02)
6 11 142.250.185.130 15169 (GOOGLE)
2 9 104.18.19.126 13335 (CLOUDFLAR...)
2 11 37.252.173.27 29990 (ASN-APPNEX)
16 2a00:1450:400... 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
2 104.96.128.226 16625 (AKAMAI-AS)
2 3 185.94.180.125 35220 (SPOTX-AMS)
2 3 18.156.0.31 16509 (AMAZON-02)
2 4 34.255.80.220 16509 (AMAZON-02)
6 142.250.74.194 15169 (GOOGLE)
2 209.197.3.19 20446 (STACKPATH...)
11 44.241.52.146 16509 (AMAZON-02)
9 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
4 2600:9000:219... 16509 (AMAZON-02)
14 2600:9000:205... 16509 (AMAZON-02)
4 205.185.216.10 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
12 2600:1f13:800... 16509 (AMAZON-02)
2 4 52.51.99.30 16509 (AMAZON-02)
2 34.149.12.213 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
11 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
12 52.55.238.42 14618 (AMAZON-AES)
2 54.157.211.237 14618 (AMAZON-AES)
1 216.52.2.39 32475 (SINGLEHOP...)
1 129.80.94.115 31898 (ORACLE-BM...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 34.235.255.87 14618 (AMAZON-AES)
5 51.75.86.98 16276 (OVH)
8 18.156.195.47 16509 (AMAZON-02)
1 198.47.127.19 62713 (AS-PUBMATIC)
6 3.65.16.214 16509 (AMAZON-02)
2 198.47.127.22 62713 (AS-PUBMATIC)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 104.18.18.126 13335 (CLOUDFLAR...)
2 23.35.236.247 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
1 69.173.144.138 26667 (RUBICONPR...)
2 4 52.46.128.147 16509 (AMAZON-02)
2 35.71.131.137 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 52.205.37.96 14618 (AMAZON-AES)
1 141.226.228.48 200478 (TABOOLA-AS)
2 3 104.96.159.65 16625 (AKAMAI-AS)
1 169.197.150.7 398989 (DEEPINTENT)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 23.23.202.74 14618 (AMAZON-AES)
1 1 34.96.71.22 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 66.155.71.150 13768 (COGECO-PEER1)
467 83
1    184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
21    8.241.45.124 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
24    8.249.63.252 (United States)

ASN3356 (LEVEL3, US)
i.123g.us
2    2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
36    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    34.240.117.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
s.gk.123greetings.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    3.228.232.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-232-15.compute-1.amazonaws.com
trkn.us
10    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
14    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
12    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
56    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f007:1:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
web.facebook.com
1    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
11    2600:9000:2490:e000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    2600:9000:2250:5c00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
11    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
9    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
11    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
16    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    34.255.80.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-80-220.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
6    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
2    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
11    44.241.52.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-52-146.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
9    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2a02:26f0:f700:2a3::4469 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    2600:9000:2190:ec00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
14    2600:9000:2057:7200:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
4    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
12    2600:1f13:800:7780:220c:cf69:e705:bf34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    52.51.99.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-99-30.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:f700:2b6::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
11    2a02:26f0:f700:2a0::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
12    52.55.238.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-238-42.compute-1.amazonaws.com
track1.aniview.com
2    54.157.211.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-211-237.compute-1.amazonaws.com
go1.aniview.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    129.80.94.115 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    34.235.255.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-255-87.compute-1.amazonaws.com
sync.aniview.com
5    51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
8    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
c2shb.pubgw.yahoo.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    3.65.16.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2600:1f18:612b:4232:62ab:5c8e:112b:fa29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-ha1hf.ads.tremorhub.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3602:e43a:8d66:d240:c30c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.205.37.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-37-96.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    104.96.159.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com
px.owneriq.net
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    23.23.202.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-202-74.compute-1.amazonaws.com
nep.advangelists.com
1    34.96.71.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
97 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
1 MB
45 123g.us
c.123g.us — Cisco Umbrella Rank: 455282
i.123g.us — Cisco Umbrella Rank: 282557
838 KB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
370 KB
40 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 30890
static.avantisvideo.com — Cisco Umbrella Rank: 31934
events1.avantisvideo.com — Cisco Umbrella Rank: 27283
cdn1.avantisvideo.com — Cisco Umbrella Rank: 36198
avm.avantisvideo.com — Cisco Umbrella Rank: 31489
309 KB
27 aniview.com
play.aniview.com — Cisco Umbrella Rank: 20226
player.aniview.com — Cisco Umbrella Rank: 2410
track1.aniview.com — Cisco Umbrella Rank: 2549
go1.aniview.com — Cisco Umbrella Rank: 5345
sync.aniview.com — Cisco Umbrella Rank: 3125 Failed
483 KB
20 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1021
static.adsafeprotected.com — Cisco Umbrella Rank: 791
dt.adsafeprotected.com — Cisco Umbrella Rank: 735
188 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5551
csm.eu.criteo.net — Cisco Umbrella Rank: 5700
417 KB
17 123greetings.com
www.123greetings.com — Cisco Umbrella Rank: 366866
s.gk.123greetings.com — Cisco Umbrella Rank: 825135
65 KB
16 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
257 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
web.ssp.yahoo.com — Cisco Umbrella Rank: 4152
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
4 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
acdn.adnxs.com — Cisco Umbrella Rank: 876
44 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 305
250 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
htlb.casalemedia.com — Cisco Umbrella Rank: 755
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
9 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
422 KB
9 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
13 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
18 KB
6 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1080
cdn.flashtalking.com — Cisco Umbrella Rank: 1472
32 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
734 B
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
cdn.indexww.com — Cisco Umbrella Rank: 2169
4 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 689
tps.doubleverify.com — Cisco Umbrella Rank: 688
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 11240
109 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
31 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1924
1 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 778
2 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 708
u.openx.net — Cisco Umbrella Rank: 975
493 B
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 10082
ads.eu.criteo.com — Cisco Umbrella Rank: 5636
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7591
50 KB
3 facebook.com
web.facebook.com — Cisco Umbrella Rank: 154
www.facebook.com — Cisco Umbrella Rank: 111
802 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
3 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2119
20 KB
3 trkn.us
trkn.us — Cisco Umbrella Rank: 3944
3 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
529 B
2 tremorhub.com
p4dt2-ha1hf.ads.tremorhub.com — Cisco Umbrella Rank: 153025
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1510
344 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
700 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
87 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
116 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
10 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
191 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 607
98 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 6405
420 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 4166
232 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1399
44 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1545
99 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2522
563 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 838
501 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1710
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
5 KB
467 51
Domain Requested by
56 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.123greetings.com
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
36 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
24 i.123g.us www.123greetings.com
21 c.123g.us www.123greetings.com
c.123g.us
16 s0.2mdn.net www.123greetings.com
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
s0.2mdn.net
16 s.gk.123greetings.com c.123g.us
s.gk.123greetings.com
14 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
12 track1.aniview.com player.aniview.com
12 dt.adsafeprotected.com 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
12 cdn.ampproject.org securepubads.g.doubleclick.net
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
www.123greetings.com
11 player.aniview.com cdn.avantisvideo.com
player.aniview.com
11 events1.avantisvideo.com www.123greetings.com
11 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
player.aniview.com
acdn.adnxs.com
11 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 www.googletagservices.com c.123g.us
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
9 static.criteo.net ads.eu.criteo.com
9 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
9 www.google.com 1 redirects www.123greetings.com
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 pix.eu.criteo.net ads.eu.criteo.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 prebid-server.rubiconproject.com player.aniview.com
6 c2shb.pubgw.yahoo.com player.aniview.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.123greetings.com
5 onetag-sys.com player.aniview.com
5 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 dpm.demdex.net 2 redirects 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
4 cdn.flashtalking.com servedby.flashtalking.com
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
4 static.adsafeprotected.com 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
4 fw.adsafeprotected.com 2 redirects googleads.g.doubleclick.net
4 static.avantisvideo.com cdn.avantisvideo.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ads.pubmatic.com player.aniview.com
3 ups.analytics.yahoo.com 2 redirects player.aniview.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 trkn.us 1 redirects www.123greetings.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 match.adsrvr.org ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
2 acdn.adnxs.com player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 js-sec.indexww.com player.aniview.com
2 htlb.casalemedia.com player.aniview.com
2 p4dt2-ha1hf.ads.tremorhub.com player.aniview.com
2 hbopenbid.pubmatic.com player.aniview.com
2 web.ssp.yahoo.com player.aniview.com
2 go1.aniview.com player.aniview.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdn.doubleverify.com s0.2mdn.net
www.123greetings.com
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 servedby.flashtalking.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 web.facebook.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
2 www.googletagmanager.com www.123greetings.com
2 i.ytimg.com www.123greetings.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 nep.advangelists.com 1 redirects
1 match.deepintent.com ssum-sec.casalemedia.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 tpsc-eu3.doubleverify.com cdn.doubleverify.com
1 token.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 u.openx.net player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 ap.lijit.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 fonts.gstatic.com fonts.googleapis.com
1 tps.doubleverify.com cdn.doubleverify.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.123greetings.com
1 www.facebook.com connect.facebook.net
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.123greetings.com
467 92
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2022-03-01 -
2023-04-02		 a year crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2022-08-13 -
2023-08-11		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
gk.123greetings.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-21 -
2022-09-19		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2022-01-19 -
2023-02-20		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Frame ID: E0B1289A7BAFFA3ABE2BD507B25BF53F
Requests: 144 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: BE67B6A7E48742A704838D538A6432A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1662977811&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977810856&bpp=4&bdt=583&idt=264&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=99238328942&frm=20&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977811&ga_hid=178126302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=592777021610199&tmod=1518744475&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 6B3F77DBBB7B9571D20F94E617B76B25
Requests: 1 HTTP requests in this frame

Frame: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 007BF2F39CA9A299EDCED8EDEA6109AA
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32
Frame ID: 7579128DD3ACD327A586FDF1B2824578
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Frame ID: D1FAD6A4444DA262F1A8A4378F2436B4
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 06CCB648E43E745B4F4E78697BE687DB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 127ECE8F89B5FA4F56E577B6BD0A5A6A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fb0bd519644b%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff26bbd8dc7f6868%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Frame ID: 848812D35A5BFA47F5C3055A7726245F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: F5130DBA14FCFD05090B0D223C5C3C14
Requests: 1 HTTP requests in this frame

Frame: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2EFB89DACA56C3C52BE6FE0351E0A15C
Requests: 16 HTTP requests in this frame

Frame: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E51688F1A1F9F8432A78ACC771EFE0CA
Requests: 27 HTTP requests in this frame

Frame: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 287FE3254AAA1DE0AD03D26DDE0BB989
Requests: 27 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3rH7iHVccYedqaWFOJXimOceyMHo-Y-6Cfp3fbSk6FfCp_VBN0livR_vSuxNLzW9jmoA831VCYQxzmJ3SAMTdR_JpBwdSYRJlNUsoGjcpqh4xAglOYdyIiUXTmwFcRLN04-36Z7NLB8oT1Dn599ygRK8RwT3Gb_SO_VVg4IiwOLP1ipNRHaIH8COUl2rpGiOF4ShQbQI_FFiFqYgaZ7ngqIifcdb4XVJiKsqExYe-RfzlElao08ahNKDf_kUAF3klseHAsXEcotqiT-93-Af9yTx0qCvNWa3IDdiZ0JbPfy79M670e49n6bJZMyQDFhoobxSrpOgpokotsKHSxWJ_mi9rWqnWcwE7ZZg&sai=AMfl-YR2gf3z-cyTRDbFJOXrYpuGFehZ2JgyKp2K3ze6DWJecR0vag-3vq67ejLYQeSsgipvAWzEXjPTK3IUWKv_YTDyy5IK2UJjKh416-1KvjowZ3cEFOyvOOJUhqmAXq6du5A&sig=Cg0ArKJSzNJqkjMcSFOxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 20F4392E2429E036ED3886CECE9C6BEC
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 2010122CE05C931DAEACCC2AAEE8B541
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 1DE2E6144024F3392AD8B96462F025E4
Requests: 18 HTTP requests in this frame

Frame: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF89E77EA64F26EB2F89E8DD09F4801E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1IgN3FRy_HCo2mQZGcRo_zHCyRloLQCJlDNKodWwHMwFkxi2BIj_qo-Fxtmt-Ptq0cZvhplJ2zcdtCHk0uRwXZ1vd6OnVtCRCpn1xfgvUJizeCghS3AggaKvnCrWR_LjJJ_iUC-QNYbzgKHJg3HAAJCKrqtC_0PyUmLdcRA111jqdQht89GatW3HbFsGfEL_hsVrc_OXuVZ-FbuReEy4h9hDg_qH5gPOlB_c9-V5MptP7M5aYGSt8ybDKW2odXuJP8uBkCThyrQW2FX-Q0RH5CTDWMz_V9yM1938vNDk1MkN3YrIlCvnmj5p1K-nmaP12SXynf44bCVoSGpMINo4awrDczWyC7GXo&sai=AMfl-YR4URhjyRp5LtUxdDZmhyHNRz5bIU4XTKPTwhtKGzJdaW-NlX61eqGVHposD7nAeAgae4y53cH2MnqYG_MO9gwsAG1vVYYJevetaTNFoZScLiMtEmBVHZQKbNcYGGKdtqU&sig=Cg0ArKJSzJuma5HSo8c7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C4F8F519E254B495F799B368F7F3C7CC
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb-hwcIjNcCGQYOHRgmXMMKHPn02fvNwU_5PNZ-CNnGU8lcPevpZmkmDGu15kJfsyLAcKw_Eacm8BQXybnEkC-VV_wkkSHhhWpZlKzT9nQjE4eWghhBqryocOQh9DAq9Do2RhnULHN7cLaC_CWVFGI0UDXzBWF5qEyVB_9ISgCpQSTrAtA-6f2OUm9pf5WdgF8HouZoCMnpfPVGeLMHqi-tzoFPNReWDjvZ5mpGI9ZhkBsPenBa2FLE9n_K1fVusFfErWCU028AteQUx4FXhjLFRxHzNrc5q0vfjAEAl1u-isuEHbc2sCO2_sczsFzwQPU8GjorLOqRUz6kTICE7KIzqEnzSl-IHnUX08EJrZjny50&sai=AMfl-YQye0X8sKT3uSZQxsSuxWjd-5Dv1xhr0R_qazeOeRdkWMqvnYVdR5gqOniY2U8DTEaKv1sbytMtul9PMo3E91n733NFAK67rxuHgk-H3uzCxxvJXJUG7KPIM7qGBU4-C94&sig=Cg0ArKJSzDHOVUVleqKlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B5BAA97DEA1A3FD5DA953FB029640AD5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Frame ID: 1AB94050956F71E108CC80646AA30254
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Frame ID: 9E8E9C1AB7E18B60BF9AFDADB8971CC2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjZ3N3SATAB&v=APEucNVPguo5A2zdoqqLzEeRr_hHal_naCDs_g09qkXam0n2IuVmHOl-lHuTbkStc3Fdu-6nEmjlQBcXWNyWCqwHefqVU0Zur_FM_hHp48BBHqnW7yHw0vTNEOH-p3e0OIUdUYjGW1ubLdAWEb42Nc3_DyjAW8xuI3pp7HIgEmgjUKNf2FTS-Ws
Frame ID: FF4555942BAAC773DFB49EFB27DAC0F4
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 454F33D61B44990DA746DCFF129C573B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Frame ID: 96ECF285C76727FF5B646995B430CF2F
Requests: 7 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 67D92242581629A072AA16E351939192
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: D968CDDEEB577D65E64BE3B1B4C427DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 914BE4EB52BCAF6FD3DE7B13BBAAB175
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2FE517B6D0914219FEEE6B29EDF23D09
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Frame ID: 2082EC636D2D4DA6E84C7F8AD8760636
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 902055109162B6D1DAE26A4730F25A33
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 8A8817B2C74D264A1235274D6A931513
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 307E1204124CECA71A85F4CA42C3C5D3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 028D0D961182E70242422F9B14108B2D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Frame ID: 99C273C39B6C97353C88AC2F0D97541B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3057.js
Frame ID: C2FF1541E91A47E2878AD19027E3B639
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53549EAD4FA206AD86C297C57F8DEAEC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B1C5347729362EF4E45E7AAD3DE8095
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 626C76412AE1E1F8C708AEA08C1D0025
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: AE718CDDBF1D6EE1A04A300B29DE914A
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: A1E321A3D63308538841932CAE7C37CE
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=55&key=3336921984697199767
Frame ID: 67892503B2A59FD4CEF22B95DAEFAA3D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D18%26key%3D%24UID
Frame ID: A810528E1B1B6E282869E7AEC76D8FD8
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 157A55A3102FE58580DDB14932C252C1
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662977816666-920457583926-008341-006-009519&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 42112A62C46C2E5939385FCDAE618D91
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=200&key=OPTOUT
Frame ID: 9EA843597F2912560F039BC1400D09F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D1%26key%3D
Frame ID: 5C1B1C0DBA7753B368A02ACFBEA14F88
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=56&pid=59c9148628a0612da3689288&key=b1ae60eb-f696-40c4-ae5e-0b5bf079cb7b
Frame ID: 065C207E59C47846165836CBE00548AE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D23%26key%3D
Frame ID: E1A3B66F3E05E3CE75D58C6113A45EBD
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=10&pid=59c9148628a0612da3689288&key=UBGAkaGotYcl&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: B1830C64E55C5B1C4B1FAEC05EA9D1A9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: EC9A8AAD1B005FD1F4FD9599A6172575
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C6066E191862EE41CBA46BD09CA398E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1348E57B92F1425CF05F07E972CC3302
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 209FD76E9726EFCCCC499FA5FE3796E9
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662977817073
Frame ID: 16E20DEAC2F65E3F7B5472C1F33FCA55
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 505FEE6A5883D9B49B15F51003E4EDDC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E2909167C7AEC9845F6EB03CE860F055
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662977817069
Frame ID: AB0AAB683F57D29153FEF14450287B22
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: E80E0143821843973FC96BED1CD501D8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5FB6FFEEFF10BC0B4DC629246A428E50
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 54A1060D48F84311149F387E941808A3
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 97F3F1C5BA57FC1D4487BF5B4E11251A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chinese Moon Festival Cards, Free Chinese Moon Festival Wishes | 123 Greetings

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

467
Requests

95 %
HTTPS

41 %
IPv6

51
Domains

92
Subdomains

83
IPs

10
Countries

5193 kB
Transfer

13035 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&dvis=visible&ip=178.162.209.142&cuidchk=1
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 99
  • https://web.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fb0bd519644b%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff26bbd8dc7f6868%26relation%3Dparent.parent&container_width=320&height=287&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F123GreetingsCom&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=320 HTTP 302
  • https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fb0bd519644b%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff26bbd8dc7f6868%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fb0bd519644b%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff26bbd8dc7f6868%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
Request Chain 189
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx8HFWYZnuEys7aDbvpcNQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELMNrHF3gPXMqQjx9m5nBRs&google_cver=1
Request Chain 191
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzNjkyMTk4NDY5NzE5OTc2Nw%3D%3D
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGhUyF_Fh8SYGFbi3IG4dmY&google_cver=1
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA1Y7abTLMCEROMbikNxmFs&google_cver=1
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEB6mKVr7fhySzNH3By1A2NE&google_cver=1
Request Chain 200
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=05da47dd-3284-11ed-8436-1a404fd50506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVkYTQ3OWQtMzI4NC0xMWVkLTg0MzYtMWE0MDRmZDUwNTA2
Request Chain 201
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KTVEzNFAxRTJ1R1MzTTIxa2JlSzQ0SVN4RGRRMEpweX5B
Request Chain 246
  • https://fw.adsafeprotected.com/rfw/st/1164679/65553624/4.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings.com/events/harvest_moon_festival/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jPq-phTAvvVOMl24CCrrwd&adContainerId=gcc_FAcfY7vtO4Ks3gPY376wAg&cbFunctionName=goog_wrapCb_FAcfY7vtO4Ks3gPY376wAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1,c:nZGO29,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-585d8b8594-rgb4b,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:05dc9f30-3284-11ed-962f-66c62fd89671,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 248
  • https://fw.adsafeprotected.com/rfw/st/1164679/65554027/4.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings.com/events/harvest_moon_festival/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8ITHbx0sim-Hg-cKuDlsG&adContainerId=gcc_FAcfY9fPO4yq3gPE7rWYCA&cbFunctionName=goog_wrapCb_FAcfY9fPO4yq3gPE7rWYCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7428862f-96e8-4d95-5bb0-2ddc2062d845,c:nZGO3h,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-585d8b8594-9p2xh,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:thdjqOS+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:34,oid:05dc9fd1-3284-11ed-b464-564a2052a09f,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 286
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53686D6C863A8D?816078193 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=53686D6C863A8D
Request Chain 292
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5368D1B8E8AF98?159660913 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=5368D1B8E8AF98
Request Chain 383
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=55&key=3336921984697199767
Request Chain 387
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=200&key=OPTOUT
Request Chain 389
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=56&pid=59c9148628a0612da3689288&key=b1ae60eb-f696-40c4-ae5e-0b5bf079cb7b
Request Chain 391
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=10&pid=59c9148628a0612da3689288&key=UBGAkaGotYcl&ev=1&us_privacy=${us_privacy}&pid=562704
Request Chain 454
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Request Chain 458
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d025526f-c47f-4ece-b926-ce48954fafec&expiration=1694513818
Request Chain 460
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162642181303384583&uid=Q7162642181303384583&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 465
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Request Chain 467
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1022d4e7-1ce5-4dc4-9f83-66582543f5da
Request Chain 468
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678616218&external_user_id=d37dc192-05c1-4f5c-84a7-a8917a864469

467 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.123greetings.com/events/harvest_moon_festival/ 		34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
fa3c5b47e00401eb40e1ed10c1ed63f28c25f6869d7fd0d4feb30b2a019a5b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
7
Cache-Control
max-age=900
Connection
close
Content-Encoding
gzip
Content-Length
8508
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 10:16:43 GMT
Expires
Mon, 12 Sep 2022 10:31:43 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/5.4.16
sub_categories_R1.css
c.123g.us/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/sub_categories_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:22:16 GMT
Server
Apache/2.2.15 (CentOS)
Age
950742
ETag
"225f-571586437ea00"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2397
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:09 GMT
chk_script.js
c.123g.us/js2/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/chk_script.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:35 GMT
Last-Modified
Thu, 28 Jul 2022 09:42:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
950775
ETag
"c3f-5e4da5b944380"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3135
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:35 GMT
335488_th.jpg
i.123g.us/c/esep_harvestmoonfest/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/335488_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57839cc464accf1951fdb130b14ab07a83d227c938adb09362bf186d347364a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 19:25:00 GMT
Last-Modified
Wed, 12 Sep 2018 13:15:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
2213510
ETag
"1f0f-575ac62904500"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7951
jake_test
Test_Pass
Expires
Fri, 02 Sep 2022 09:12:13 GMT
115793_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/115793_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3605652bf6621ecefe4ff4f43c1c2623caca95b942cb32b39b7514a43dcb90fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:46:56 GMT
Last-Modified
Mon, 24 Feb 2014 09:45:42 GMT
Server
Apache/2.2.15 (CentOS)
Age
12594
ETag
"1e7b-4f323d5ba3d80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7803
jake_test
Test_Pass
Expires
Mon, 12 Sep 2022 07:01:56 GMT
124567_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/124567_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1ae3aa2ed6f2bcaeef56190ad3e57309f9c4500012f8a41bc3379b65aaf1d5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 02:03:28 GMT
Last-Modified
Mon, 24 Feb 2014 08:25:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
2535202
ETag
"1fac-4f322b60410c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8108
jake_test
Test_Pass
Expires
Thu, 18 Aug 2022 19:36:59 GMT
111843_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/111843_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2091052d5cc5b7d9e56a38a3a100c5015c5718995ac1d3255e51843ac50bdb16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 10:08:11 GMT
Last-Modified
Mon, 24 Feb 2014 08:25:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1382919
ETag
"d19-4f322b60410c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3353
jake_test
Test_Pass
Expires
Mon, 29 Aug 2022 04:29:12 GMT
119855_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/119855_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a9c2e99ea45f89b2f3e91c1314613e6798bf3b652be41d3360943007771aff9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 04:31:00 GMT
Last-Modified
Mon, 24 Feb 2014 09:45:42 GMT
Server
Apache/2.2.15 (CentOS)
Age
1489550
ETag
"1793-4f323d5ba3d80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6035
jake_test
Test_Pass
Expires
Mon, 29 Aug 2022 04:29:18 GMT
340349_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/340349_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
8ef216dff1c6df9c75e919774c39b9df5cf404b74dc84cf7f5832325fcdab87b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:19:51 GMT
Last-Modified
Thu, 12 Sep 2019 12:16:09 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1371419
ETag
"1c19-5925a1a451440"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7193
jake_test
Test_Pass
Expires
Sat, 27 Aug 2022 13:34:51 GMT
119858_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/119858_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
13f4143e51cc843efafd0366c45774fe88baf14d5f0a9a353816c4fb3810b61e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 08:23:09 GMT
Last-Modified
Mon, 24 Feb 2014 08:25:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1821221
ETag
"1f7c-4f322b60410c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8060
jake_test
Test_Pass
Expires
Mon, 22 Aug 2022 08:38:09 GMT
103738_th.gif
i.123g.us/c/esep_harvestmoonfest/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/103738_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fe8fd4a9c528868e1284a329ac669e0a31aeffe5907497723c4a445445f63a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 13:17:23 GMT
Last-Modified
Wed, 05 Aug 2015 11:08:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2494767
ETag
"1eb3-51c8e6b149cc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7859
jake_test
Test_Pass
Expires
Sun, 14 Aug 2022 13:32:23 GMT
348073_th.jpg
i.123g.us/c/esep_harvestmoonfest/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/348073_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a35bc6dbd8e0b4f6d1577a1c55227442a4ea7427cbd15379b15d237edf201510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:37:33 GMT
Last-Modified
Tue, 14 Sep 2021 08:28:42 GMT
Server
Apache/2.2.15 (CentOS)
Age
178757
ETag
"14c4-5cbf05e864280"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5316
jake_test
Test_Pass
Expires
Sat, 10 Sep 2022 08:52:34 GMT
318724_th.jpg
i.123g.us/c/esep_harvestmoonfest/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_harvestmoonfest/th/318724_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
de2cdfb664638aa888d41ec94ca0a372b730e6c431ec79de7a5a01a83aaeca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 07:00:56 GMT
Last-Modified
Sat, 05 Sep 2015 09:04:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
702954
ETag
"14bf-51efc4df44800"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5311
jake_test
Test_Pass
Expires
Fri, 09 Sep 2022 10:02:29 GMT
cal_block2.gif
i.123g.us/images/special_block/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/images/special_block/cal_block2.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 06:57:15 GMT
Last-Modified
Mon, 08 Aug 2022 07:13:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1999175
ETag
"5fd2-5e5b58d1ecac0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
jake_test
Test_Pass
Expires
Wed, 07 Sep 2022 07:30:16 GMT
330336_ic.gif
i.123g.us/c/birth_happybirthday/ic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_happybirthday/ic/330336_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
55297ecf8327a1d7755c0b4ac3ff5da39523af30332cd8194d709fa4a7014b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 14:17:15 GMT
Last-Modified
Mon, 21 Aug 2017 13:39:22 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1195175
ETag
"fd9-557439b363680"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4057
jake_test
Test_Pass
Expires
Mon, 29 Aug 2022 14:49:46 GMT
1.jpg
i.ytimg.com/vi/3kyn9Es4HoY/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/3kyn9Es4HoY/1.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb5d03d066ef45cc4a474c9d16e85a005726c2182b20086718de4a02570085d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:55:01 GMT
x-content-type-options
nosniff
age
1309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4874
x-xss-protection
0
server
sffe
etag
"1435419900"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 12 Sep 2022 11:55:01 GMT
103272_ic.gif
i.123g.us/c/esep_grandparents/ic/ 		801 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_grandparents/ic/103272_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f6fb9a3d8163fa605b08d1f596256052a7677ea3c1b945d2597f4aa5cc516cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 13:20:44 GMT
Last-Modified
Mon, 24 Feb 2014 09:38:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1457766
ETag
"321-4f323ba8c3b80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
801
jake_test
Test_Pass
Expires
Fri, 26 Aug 2022 13:35:44 GMT
118996_ic.gif
i.123g.us/c/birth_wishes/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_wishes/ic/118996_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6ec673d424147e19640e15aa01cc5d7fcded63feebc1db7a75e91cbbfd2f1151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 15:17:57 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
1018733
ETag
"b97-4f323db63d340"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2967
jake_test
Test_Pass
Expires
Tue, 06 Sep 2022 12:16:43 GMT
1.jpg
i.ytimg.com/vi/tNqUORIFV4I/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tNqUORIFV4I/1.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e30fd50e0873194c063148d3eaae833b0ad4fd8f1d9997df3196948526c9928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:12:56 GMT
x-content-type-options
nosniff
age
234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4317
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 12 Sep 2022 12:12:56 GMT
330286_ic.gif
i.123g.us/c/anniv_wedanniv_couple/ic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/anniv_wedanniv_couple/ic/330286_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
dad4127a2c2ec0b83670955fd8934c6b1ecf84a09bbdf8ce4cf64d48d920a660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 07:06:22 GMT
Last-Modified
Wed, 16 Aug 2017 13:46:32 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1480228
ETag
"ea0-556df1fa29e00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3744
jake_test
Test_Pass
Expires
Fri, 26 Aug 2022 07:21:23 GMT
112108_ic.gif
i.123g.us/c/birth_sonanddaughter/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_sonanddaughter/ic/112108_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d82ac656c0175d252d08f5a4c029cbada55a413df58910cdf0be7e6871226571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 18:02:12 GMT
Last-Modified
Mon, 24 Feb 2014 08:16:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
2132078
ETag
"a50-4f32297610c40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2640
jake_test
Test_Pass
Expires
Thu, 18 Aug 2022 18:17:12 GMT
350809_ic.jpg
i.123g.us/c/love_iloveyou_general/ic/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/love_iloveyou_general/ic/350809_ic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3a65bf5ba22c9190dc17ee1af4e09c9b3b9426c6d77c665ca25072dcdd43836c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 15:14:22 GMT
Last-Modified
Thu, 11 Aug 2022 09:27:50 GMT
Server
Apache/2.2.15 (CentOS)
Age
154948
ETag
"895-5e5f3c7799180"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2197
jake_test
Test_Pass
Expires
Sat, 10 Sep 2022 15:29:23 GMT
346130_ic.gif
i.123g.us/c/gen_thinkingofyou/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/gen_thinkingofyou/ic/346130_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c4e4bb8fadc43078cdaa7cf5724af61540fddfeffe414b4ab817655f532e2cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 09 Sep 2022 13:05:38 GMT
Last-Modified
Wed, 03 Mar 2021 10:23:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
249072
ETag
"c4f-5bc9f3cf40400"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3151
jake_test
Test_Pass
Expires
Fri, 09 Sep 2022 13:20:38 GMT
113600_ic.gif
i.123g.us/c/anniv_anniversaryetc/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/anniv_anniversaryetc/ic/113600_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ab6521d7f8270a417139743c6dfb2cf083d647b4d350a25e13faade0e857a9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 15:33:18 GMT
Last-Modified
Mon, 24 Feb 2014 08:24:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1968212
ETag
"b57-4f322b242c300"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2903
jake_test
Test_Pass
Expires
Sat, 20 Aug 2022 15:48:18 GMT
110222_ic.gif
i.123g.us/c/esep_chocolateday/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_chocolateday/ic/110222_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
420e8665c913d96f8f0f1e128aa850c0b7279c6491da6d3251b39ae4c479976c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 17:43:03 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2306027
ETag
"ad7-4f323c4fa8540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2775
jake_test
Test_Pass
Expires
Tue, 16 Aug 2022 17:58:04 GMT
349048_ic.gif
i.123g.us/c/birth_hubbywife/ic/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_hubbywife/ic/349048_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5996cba77fcff80cdb76e4555cda37d6cc86ebc4669ed9669fb438db4d3ea945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 09 Sep 2022 12:09:33 GMT
Last-Modified
Tue, 21 Dec 2021 07:28:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
252437
ETag
"ce0-5d3a2f3bd85c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3296
jake_test
Test_Pass
Expires
Fri, 09 Sep 2022 21:11:34 GMT
121772_ic.gif
i.123g.us/c/birth_bronsis/ic/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_bronsis/ic/121772_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d504e20da3974e8c88147d37ec376347e8269fad099c9e60b67d9cf7c830aa5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 16:14:00 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:07 GMT
Server
Apache/2.2.15 (CentOS)
Age
2138570
ETag
"9fc-4f323b3746fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2556
jake_test
Test_Pass
Expires
Wed, 24 Aug 2022 08:25:36 GMT
103105_ic.gif
i.123g.us/c/esep_flowerofthemonth/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_flowerofthemonth/ic/103105_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3644c7d20e5506c54c5b0a56ee92f2346f93263115b1ca259c6138cffeabc6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:26:06 GMT
Last-Modified
Wed, 05 Aug 2015 10:55:34 GMT
Server
Apache/2.2.15 (CentOS)
Age
1090244
ETag
"a2b-51c8e3df5b580"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2603
jake_test
Test_Pass
Expires
Tue, 06 Sep 2022 18:46:22 GMT
103119_ic.gif
i.123g.us/c/esep_posthinkingday/ic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/esep_posthinkingday/ic/103119_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
228d9ab2bd97935adc6a0db2d9431c500aa0969d220ed21882c3f684ea04b46e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 06:15:28 GMT
Last-Modified
Wed, 05 Aug 2015 13:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1051282
ETag
"ae2-51c904bf885c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2786
jake_test
Test_Pass
Expires
Fri, 02 Sep 2022 15:00:36 GMT
jquery-1.11.1.js
c.123g.us/js2/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery-1.11.1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:09 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
950741
ETag
"1762e-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95790
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:09 GMT
jquery-migrate-1.2.1.min.js
c.123g.us/js2/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:45 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
950705
ETag
"1cb3-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7347
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:28:17 GMT
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
950752
ETag
"261f-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:00 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 06:15:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
950756
ETag
"1ed63-5e5b4be87d440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30681
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:54 GMT
utilsopt.js
c.123g.us/js2/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:40:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
950775
ETag
"57b2-5b3459d6f84c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:35 GMT
123g_subcategory_opt.js
c.123g.us/js2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_subcategory_opt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 12:15:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
950740
ETag
"2257-5afe5ec74c340"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:10 GMT
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
950755
ETag
"d4c-57300e738b200"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:56 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:42 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
950768
ETag
"4ec6-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20166
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f71531399225b82a624bf17187993fbdfb8010f50e45d2d1493f0ac66e7b47a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57611
x-xss-protection
0
server
cafe
etag
4342299361292830827
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:16:50 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44c6ba7ce3d9628a9187a2a3f90fc4b8d247bafcb5a54f96927d0a44de7c9292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41876
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Sep 2022 10:16:50 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff2b2ab584c77a03ee6570e9d5ad2dc1e66461091c59a0027b6d4d35aa81b539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76686
x-xss-protection
0
expires
Mon, 12 Sep 2022 10:16:50 GMT
styleopt_R1.css
c.123g.us/css/ 		81 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2022 05:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
950774
ETag
"14218-5df6a8f0bdcc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16272
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:06 GMT
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:38:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
950751
ETag
"8220-5a7b79c425580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:59 GMT
clear.js
s.gk.123greetings.com/2/945541/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cedc9bc5b094627eb856fb1c4342e24857c64c772bcff65472593832587da7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:50 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2653
Expires
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4178e2f41734acdf212e7481b0376c76298f8356feb9d2e63841f9ccf267ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Pn6mU1W6trKbA1ZDpbnDlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
rzktXvEu0o4w5vE//xZCmTEYpv5fmL4y4N/TB27vlvgOVbg7JFAG29DYYzDKmyMTI+mTKmAvEYrQUZaGaXd92A==
x-fb-trip-id
686109401
x-fb-content-md5
e233a120e73169f9738cff6c97db068f
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 10:16:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e999f024a8559fea5111eef1f99f22b3"
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:19:14 GMT
123g_master_bg.png
c.123g.us/images/ 		145 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
950774
ETag
"91-54a227b81c940"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:46 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
950704
ETag
"1861-5e17a33733040"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:46 GMT
icon_set_R1.png
c.123g.us/images/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Fri, 20 May 2022 05:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
950774
ETag
"22ca6-5df6a8f0bdcc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142502
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:10 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
950740
ETag
"21653-5924300b6d700"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:10 GMT
master_icon_set_2.png
c.123g.us/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:57 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
950753
ETag
"15fce-5d80a1da24680"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:57 GMT
123g_master_icon_set_2.png
c.123g.us/images/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
950774
ETag
"f1d2-5d80a1da24680"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61906
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.232.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-232-15.compute-1.amazonaws.com
Software
Apache /
Resource Hash
dfec9b8604ca21c6d9bf3cd4867f8e2c2e1cf9821eb20d31a1a0664b20f99215
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
733
Expires
Sun, 01 Jan 2014 00:00:00 GMT
addressbook.js
c.123g.us/js2/ 		401 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 06:15:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
950756
ETag
"64550-5e5b4be87d440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77410
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:54 GMT
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28684
x-xss-protection
0
server
sffe
etag
"1331 / 749 of 1000 / last-modified: 1662972584"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 10:16:50 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:00 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
950750
ETag
"42a-54a227b6344c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:00 GMT
sdk.js
connect.facebook.net/en_US/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1a10692c8f6f3e423341dd4c6badba79
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa89662c4865f35ad323fe7728a6687c78b80a0db3e192c24b438de1f814e6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
Origin
https://www.123greetings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BF18M0WpRO/ebueKFnLisw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86540
x-fb-rlafr
0
x-fb-debug
2tm8+GuakutABsf57cJM2VbYR4Dl3bSdayWn/+pR+LxqpLhphjDZ9IxXu3p978npqtpu0ycbukS+0H5OD8mKqA==
x-fb-content-md5
68d16e12a0262ef1885f2a4e25a55b12
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 12 Sep 2022 10:16:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7f741e08813f69ba0a01391ec8dee99f"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 12 Sep 2023 09:50:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3652
date
Mon, 12 Sep 2022 09:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 12 Sep 2022 11:15:58 GMT
collect
region1.google-analytics.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-47Q5QDHYDP&gtm=2oe970&_p=178126302&cid=184159887.1662977811&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662977810&sct=1&seg=0&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&dt=Chinese%20Moon%20Festival%20Cards%2C%20Free%20Chinese%20Moon%20Festival%20Wishes%20%7C%20123%20Greetings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124232
x-xss-protection
0
server
cafe
etag
2742981689124652378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:16:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame BE67 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 15:34:28 GMT
etag
8616628553774171045
expires
Sun, 25 Sep 2022 15:34:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
connect_config.js
c.123g.us/js2/ 		203 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.241.45.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:17 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
950734
ETag
"cb-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:18 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.gk.123greetings.com/2/2.68.0/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/main.js
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd6b83da7feb207b78af33f8270690be835a8fcdd34ad223489816b99b2e9064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:50 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
51475
Expires
Thu, 21 May 2054 09:25:40 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 09:55:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		689 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f1f3196a7675177c3f676251130a086f6faed6535cbcb6c12a73e0c72d6a2285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
expires
Mon, 12 Sep 2022 10:16:51 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=178126302&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ul=en-us&de=UTF-8&dt=Chinese%20Moon%20Festival%20Cards%2C%20Free%20Chinese%20Moon%20Festival%20Wishes%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=862331249&gjid=346386598&cid=184159887.1662977811&tid=UA-5085183-1&_gid=1990106685.1662977811&_r=1&gtm=2ou970&z=294717370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
08bcabccf8ce9fd90f2a092d81343a0d29da6fa85297b744096b35cc98b0ff0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6B3F 		150 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1662977811&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977810856&bpp=4&bdt=583&idt=264&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=99238328942&frm=20&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977811&ga_hid=178126302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=592777021610199&tmod=1518744475&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8685d1c0fc421dcbcbadc1e7bafe689c6a71920b327ba2d2bc37cac3c2b74263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
42904
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Mon, 12 Sep 2022 10:16:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_...
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_...
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&dvis=visible&ip=178.162.209.142&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Server
3.228.232.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-232-15.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:51 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 10:16:51 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=5671371316.5970955&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&dvis=visible&ip=178.162.209.142&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=184159887.1662977811&jid=862331249&gjid=346386598&_gid=1990106685.1662977811&_u=YADAAUAAAAAAAC~&z=659879169
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Sep 2022 10:16:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		224 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=592777021610199&correlator=2802244696365205&eid=31068500%2C44771143%2C31061167&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_SubCategory_LB%2CDesktopWeb_SubCategory_Mrec%2CDesktopWeb_SubCategory_SecondMrec%2CDesktopWeb_SubCategory_LowerMrec%2CDesktopWeb_SubCategory_BottomLrec%2CDesktopWeb_SubCategory_BottomSecondLrec%2CDesktopWeb_SubCategory_LowerLB%2CDesktopWeb_SubCategory_Video%2CDesktopWeb_SubCategory_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&ifi=2&adks=3914305483%2C1127719608%2C4293624944%2C3694362538%2C3926068587%2C1178609660%2C2276923048%2C933155397%2C4230775942&sfv=1-0-38&fsapi=false&cust_params=site%3D123greetings.com%26section%3Desep_harvestmoonfest%26page%3Dsubcategory&sc=1&cookie_enabled=1&abxe=1&dt=1662977811302&lmt=1662977811&dlt=1662977810273&idt=987&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1870%2C2152%2C2434%2C2722%2C2916%2C1157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&frm=20&vis=1&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x2896%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&ga_vid=184159887.1662977811&ga_sid=1662977811&ga_hid=178126302&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
92c5751d75fa59bb115568eeb5ce689f015b2e1053967ab26bc14c710e2a8993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41725
x-xss-protection
0
google-lineitem-id
-1,-1,-1,237051735,-1,-1,-1,5501288042,5461263814
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,99278132415,-1,-1,-1,138326033967,138321279906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 007B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Tue, 12 Sep 2023 10:16:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977811238&oz_l=202&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977811420&oz_l=4179&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
2bcebc60-f92d-4254-84c7-c0d8fd723d32
https://www.123greetings.com/ Frame 7579 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977811576&oz_l=996&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
055fc381eb8d88da1ff7c6e2c2109237e3d4c04f13778d3278a72ddc48078625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54580
x-xss-protection
0
server
cafe
etag
33130468609488213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:16:51 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977811770&oz_l=4830&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/ Frame D1FA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 17:30:00 GMT
etag
8616628553774171045
expires
Sun, 25 Sep 2022 17:30:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame D1FA 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:00:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 10:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 10:16:51 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1FA 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:49:28 GMT
x-content-type-options
nosniff
age
8843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Sep 2023 07:49:28 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1FA 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:06:54 GMT
x-content-type-options
nosniff
age
597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Sep 2023 10:06:54 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame D1FA 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8353
x-xss-protection
0
server
cafe
etag
17005385338368023289
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:57:02 GMT
css
fonts.googleapis.com/ Frame 06CC 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:01:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 10:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 10:16:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 06CC 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:13:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 06CC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:58:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 06CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 06CC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06CC 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
8e474446b56ed6ef0feeec2d987f1a60.js
www.gstatic.com/mysidia/ Frame 06CC 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 11:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 04:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 11:12:58 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977811921&oz_l=276&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
s
googleads.g.doubleclick.net/pagead/drt/ Frame 127E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2251
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 09:39:21 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 127E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:52 GMT
expires
Mon, 12 Sep 2022 10:16:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977812076&oz_l=868&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
bc42ff62-d0e6-47d4-b560-2f3dbcabe2f6
https://www.123greetings.com/ 		787 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.123greetings.com/bc42ff62-d0e6-47d4-b560-2f3dbcabe2f6
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eda230dd867267de3ee51f6003c89cb0a60073e35674ef98d425111b5d40247a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
787
/
www.facebook.com/login/ Frame 8488
Redirect Chain
  • https://web.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fb0bd51...
  • https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fb0bd519644b%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff26bbd8dc7f6868%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1a10692c8f6f3e423341dd4c6badba79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 10:16:52 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ISwQkNdevP9nhIOr1bDarJAABGynFx0/O3m1nBrMWvhwqTy7nkjLhB5N2rcm4S8QhShUjuKzn8LnJ6Lxubz1mw==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 12 Sep 2022 10:16:52 GMT
location
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.4%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fb0bd519644b%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff26bbd8dc7f6868%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320&_rdc=1&_rdr
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
L7WoZOiO76PDOM1Q9FZn3Ttm1n/vNzZCUZehqj5PHKhXQgbeBZGgnuYZNhlBcyhZrv2ithiQUGGzHfJjVaSqlQ==
x-fb-zr-redirect
02|1663064212|
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed4bb0acbc166cec06f1acb02f93ab96475b64f38ccffecbbd09e5018daad3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11275
x-xss-protection
0
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame F513 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977812253&oz_l=358&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:53 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977812422&oz_l=6768&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2EFB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Tue, 12 Sep 2023 10:16:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E516 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Tue, 12 Sep 2023 10:16:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 287F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Tue, 12 Sep 2023 10:16:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 20F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3rH7iHVccYedqaWFOJXimOceyMHo-Y-6Cfp3fbSk6FfCp_VBN0livR_vSuxNLzW9jmoA831VCYQxzmJ3SAMTdR_JpBwdSYRJlNUsoGjcpqh4xAglOYdyIiUXTmwFcRLN04-36Z7NLB8oT1Dn599ygRK8RwT3Gb_SO_VVg4IiwOLP1ipNRHaIH8COUl2rpGiOF4ShQbQI_FFiFqYgaZ7ngqIifcdb4XVJiKsqExYe-RfzlElao08ahNKDf_kUAF3klseHAsXEcotqiT-93-Af9yTx0qCvNWa3IDdiZ0JbPfy79M670e49n6bJZMyQDFhoobxSrpOgpokotsKHSxWJ_mi9rWqnWcwE7ZZg&sai=AMfl-YR2gf3z-cyTRDbFJOXrYpuGFehZ2JgyKp2K3ze6DWJecR0vag-3vq67ejLYQeSsgipvAWzEXjPTK3IUWKv_YTDyy5IK2UJjKh416-1KvjowZ3cEFOyvOOJUhqmAXq6du5A&sig=Cg0ArKJSzNJqkjMcSFOxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 20F4 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0069b5d6f3064b7aac9be3ba03ae5a7a6f88ca1f65850b6058c77f01936c11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40139
x-xss-protection
0
server
cafe
etag
5554391186340446859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:16:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20F4 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208121708000/ Frame 2010 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61526
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1753c5424806777"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 2010 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"23fb7130d171a0c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 2010 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd6960dd2dd8774b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 2010 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8204400aa9812838230020b85aa8a04b36bfda27cb0f4758ed83312a0fd7251
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
391644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16694
x-xss-protection
0
server
sffe
date
Wed, 07 Sep 2022 21:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0687e169b24ec27f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 21:29:28 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 2010 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6863aa0ddd5cf3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 2010 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12954
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"008ca125395468a7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:26 GMT
truncated
/ Frame 2010 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adadbfffb9369a316d5098a6f7bf893ad5bb14f3035ea19704917cd11639f023

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
img.jpg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 2010 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/img.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
052ce0b834644560823d0cef583e60182a96e618c478644960bb1701af938155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:15:33 GMT
x-content-type-options
nosniff
age
363679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54422
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:15:33 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 2010 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/logo.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a6ad0970efc1373469821086a341a32982b599e09e4d198ac485941ccf610cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1475
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
button.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 2010 		2 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/button.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb768c7edd2da1a7e1f8325537f4c393dfe06fc4b96e47fe1ecd10bb54d2484e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
857
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
headline.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 2010 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/headline.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c5be5013131ada04bc2dd4da9493d8f17c040dcb986135dfb3a26a7f18b29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2939
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
cityX_txt.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 2010 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/cityX_txt.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b7df25cacf06d8a2cebaaf5df973a5ba704cf85f150f39db62744e010e3e8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1327
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208121708000/ Frame 1DE2 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61526
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1753c5424806777"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1DE2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"23fb7130d171a0c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1DE2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd6960dd2dd8774b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1DE2 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8204400aa9812838230020b85aa8a04b36bfda27cb0f4758ed83312a0fd7251
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
391644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16694
x-xss-protection
0
server
sffe
date
Wed, 07 Sep 2022 21:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0687e169b24ec27f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 21:29:28 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1DE2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6863aa0ddd5cf3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 1DE2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12954
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 09:46:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"008ca125395468a7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 09:46:26 GMT
truncated
/ Frame 1DE2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed9fc910d217897ab4b68196d68c122182c5169b1ae7634e29ba7ee28cbcbd76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
img.jpg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 1DE2 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/img.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
052ce0b834644560823d0cef583e60182a96e618c478644960bb1701af938155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:15:33 GMT
x-content-type-options
nosniff
age
363679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54422
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:15:33 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 1DE2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/logo.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a6ad0970efc1373469821086a341a32982b599e09e4d198ac485941ccf610cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1475
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
button.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 1DE2 		2 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/button.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb768c7edd2da1a7e1f8325537f4c393dfe06fc4b96e47fe1ecd10bb54d2484e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
857
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
headline.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 1DE2 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/headline.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c5be5013131ada04bc2dd4da9493d8f17c040dcb986135dfb3a26a7f18b29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2939
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
cityX_txt.svg
tpc.googlesyndication.com/sadbundle/7318166227556956766/ Frame 1DE2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7318166227556956766/cityX_txt.svg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b7df25cacf06d8a2cebaaf5df973a5ba704cf85f150f39db62744e010e3e8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 05:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1327
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 15:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 05:32:44 GMT
container.html
4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF89 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:51 GMT
expires
Tue, 12 Sep 2023 10:16:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C4F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1IgN3FRy_HCo2mQZGcRo_zHCyRloLQCJlDNKodWwHMwFkxi2BIj_qo-Fxtmt-Ptq0cZvhplJ2zcdtCHk0uRwXZ1vd6OnVtCRCpn1xfgvUJizeCghS3AggaKvnCrWR_LjJJ_iUC-QNYbzgKHJg3HAAJCKrqtC_0PyUmLdcRA111jqdQht89GatW3HbFsGfEL_hsVrc_OXuVZ-FbuReEy4h9hDg_qH5gPOlB_c9-V5MptP7M5aYGSt8ybDKW2odXuJP8uBkCThyrQW2FX-Q0RH5CTDWMz_V9yM1938vNDk1MkN3YrIlCvnmj5p1K-nmaP12SXynf44bCVoSGpMINo4awrDczWyC7GXo&sai=AMfl-YR4URhjyRp5LtUxdDZmhyHNRz5bIU4XTKPTwhtKGzJdaW-NlX61eqGVHposD7nAeAgae4y53cH2MnqYG_MO9gwsAG1vVYYJevetaTNFoZScLiMtEmBVHZQKbNcYGGKdtqU&sig=Cg0ArKJSzJuma5HSo8c7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame C4F8 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
10090
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 07:28:43 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
-OMDbTZUm_5NtQgw96WPRUC7xSRYBFAR-zCk6SeCqtX6og59G6c3Cg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4F8 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb-hwcIjNcCGQYOHRgmXMMKHPn02fvNwU_5PNZ-CNnGU8lcPevpZmkmDGu15kJfsyLAcKw_Eacm8BQXybnEkC-VV_wkkSHhhWpZlKzT9nQjE4eWghhBqryocOQh9DAq9Do2RhnULHN7cLaC_CWVFGI0UDXzBWF5qEyVB_9ISgCpQSTrAtA-6f2OUm9pf5WdgF8HouZoCMnpfPVGeLMHqi-tzoFPNReWDjvZ5mpGI9ZhkBsPenBa2FLE9n_K1fVusFfErWCU028AteQUx4FXhjLFRxHzNrc5q0vfjAEAl1u-isuEHbc2sCO2_sczsFzwQPU8GjorLOqRUz6kTICE7KIzqEnzSl-IHnUX08EJrZjny50&sai=AMfl-YQye0X8sKT3uSZQxsSuxWjd-5Dv1xhr0R_qazeOeRdkWMqvnYVdR5gqOniY2U8DTEaKv1sbytMtul9PMo3E91n733NFAK67rxuHgk-H3uzCxxvJXJUG7KPIM7qGBU4-C94&sig=Cg0ArKJSzDHOVUVleqKlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame B5BA 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
10090
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 07:28:43 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
mE88PeKlfGNrdeRDCUjiGJZLjSUL9WSuxp61P602_g-iHlCF4X8rTQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5BA 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2010 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
1694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2010 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
8756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 2010 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStgrHfQYO8SGXIS3cD-_4NGBoRqdy6zGgrRg7dNdQ_bZlbGzfGtxF9PoTWUcRBxrx9mHLHDke78aipI1Cbgcaw2nh1xg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2010 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdHguEwcfY9CvGumk3gPk1ZTABpig061sls3Qhp8Qg5n0_QgQASDv9pAhYJXKn4KwB6AB6cWqnQLIAQmpAoa-xJ3d2LA-4AIAqAMByAMIqgSQAk_QssO4XJKfx2Nhgx298FPT8-nWlfNZ6sqjxCrfkt_tWhL8_VPBYrkXXufP-PGcf4sB5p1ZmKLsRvZWyQePfaXz5yMdTbMvglnvT7_ULDoPspaO7f5TIGSSZR4i47tacqcFyhH5RHMKSBBwDonkdQUw0e0vrkDq_3NYubTTKeC5SwfTdAqogaWNF5tSHfaUeCHKMOgDct28x_fkDQw72jumbVgJIXuhA1Df1_Vr4h5Vb0szz0v96lW6KORaDiGmyt7fTbzy6TXQQZYh1PUmFLgFRECld490M1rqMzTcLZEiRR1kVOHeVeLzX-ssXDZce4-t0RmOX9JzA9xebWh8YbFeFEOZgE0dz3SqvSBFtbylwAT63I7KmwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_1RHSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=gTMZZqSdf1I&uach_m=[UACH]&template_id=419
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1DE2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
1694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1DE2 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
8756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 1DE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWP2Ewjv3aEJNMl-SJtPiMArD6aNJGON3xlZO4ycefUmx4v0M-_j5ch5nCcZ1eE0i4PLrDo6bFfqV99yhvP6Z3Umrvtg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1DE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIzU9EwcfY7-xGumk3gPk1ZTABpig061s1sXQhp8QrqSa-9IbEAEgheySAmCVyp-CsAegAenFqp0CyAEJqQKGvsSd3diwPuACAKgDAcgDCKoEjQJP0KzQDlGS_HfNxGh1-cb-rA6XgVeG_eJV9_t3TmiLLB3EpZdEAF5UA8Tx_oUQFB8gGHJj7Mz5oj5EoRlXJqFHMhM2MmLbPT251keuFcYmz_B98qEi2jNEwV_b3uVGps-vxL0HbK5VVevQyNbJwrEeJ11iRJ6i4JyR7Xjn2YmdGhlHVU7VGqw3TX4TRZjpMgRLdWUw3oaQ3LhcDZlNMYX56L3_qYnp3Dbs5Wh24JIY070R1Xp332gQUkn7xrye2zel5nEfotVIh5FA_MaYVrm85gBgD105SIkYqk-MIhEWpo6nsmCA_YTxdtUwFGhyF3wTFleUXFPeRXypEAmXW6FGwr3Swk89vgr8hjaH38AEyt2OypsD4AQBkgUECAQYAZIFBAgFGASgBi6AB_-51eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQouGKAdIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi04Mjc1MzAyMTA3NjkzNjY0GP_XFw&sigh=3ll8duNvx14&uach_m=[UACH]&template_id=419
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 20F4 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a85a086bd99d58e42f1f99aec170c0da4911032a8a4f34e38e7e9ae40cdf3f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
9352804512083561557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 10:16:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1AB9 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:52 GMT
expires
Mon, 12 Sep 2022 10:16:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2EFB 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmRl3r9Ha8ABovHkz7mRMYVk3bsyLirKVsPWth47LZKH7LB6-iN9Pd93ZC1vDHzAeXw-WDt1F8AFGSDdmtNL8vVgsXQA&cry=1&dbm_d=AKAmf-BBun1YzJ06RYiEt5KKmlwEeGbmMXahSjIOeB4v68oszDR10p8Y7eKenx6xRfq2AqdcKhwKSFjivQdTYCT7xhTnVH43b19CMvBPTrcNJnRegQ4y7Xzf_b2WLK2rTVYx4UCSSs1osB9YXOdVIzI7nZKrguJIKdO749h6ZgDj2AczaiXaXlQ4sJPStVcDe0EI9F2xH-fPb5R39gF6CWLv90UnEbjqkkOdaFDjvyrQp6iR3L3cOeq2zGBu6Y2-m6a-Y2qlnMp6l16mmvuRwU6xM1BlUlDB1GOoXOB5sDXhJoS6QwIlDVsiWC1oIj1dIAvM_AOkgeb-8UIRMi4eIzkhcgEclYW_4cGhSgSU_-ZlSzRqjhXzdkZqE_aoVzolR_ZJpRD_zFM7t0IcH-ii5eaQoA-2ko-CMqtA9D-Lx-JysuZYAnD3V5u5PVG0Xd9o_FnUWrnpch1iuTPgegMtXE3DHnwAwNRHybnalwM0ZUaFpYPLS9PgDQQX0ANeE0vfj5KcnhPlHbzBxybGE7Z1jwnOP3mVp0LtQbkjW-WxW7JnK7pgMGtWmFhRwce2Sf5eM-Kj_n9LyA0k6c4HcjQ_KlfJIuudDhkn_ijL_zYQWa7NqZ9gtS2WF4MUtrtGeCgPVwhu3xQLVAF3oX6n6TQoZ2WbU-XpScMNuRRKvjr7Vu47dAQtBRgoXvcqjpWuO2Sz8z0IpGyVGIgru6oCs4lrEjJy94re1iTgeiqXV13T-3aqcz2Sb1g_aMjqXvVPUfcx8Na3ZXvM8Rn7SVepG7fpWTE6HjngK5zdej9B1Kx_NXOg91oKzL-C12yotTlCJ4Kty8uT1E7S0IHMYWBCIx9OUIwfC0oE-bHAwn58iPCJNrCCMpC8d240jVAtQ4BcQU2I77SvJIDArgjLdJlRRozK2nvJ_2Af38qQ5m4oKbaDFt9AGjqqomdB6Mhwrtlg0QWLCNkoMIz45VznHJngE6T3tTbjXgSKJfnhvsDl3KA8QRZ9aRgekAEPP1FgoG9Qnqjq1LLops5f-5MxAJPjfFrd3ha2DB2L9ZMnCUE1iinVrwyymKJo-1G0Ht5JxWjpYBKu-TB6XejoUuU58JwI0jKveMmIKfs_Off3esUvcU9xzPoLwnHiCOYytzXFj62_yFuCJIyb_cvDTLfazEq568wwOOo1ViV8-3EMEsiG9l1xwYJ-XW08sMrVIu_weZJF9huqopbP0DKpqk6QyKxc92HHcihyHcLUkKzgVrJgPQFFiaHtshuXRAGuElt9fzN1eFwVcCnrCFH2BHT3q6-fRD1VH1NtgnJjpAQtyUQswOnTwH2KjeyIoIFSP0tClR-im1dn8vdPKANgyl1-Pa5Vh9rEyCFmc5b0LS5yaBKkTN0DYTYnXqxL48nr7KP2LPNMQ3iJHUAvrsyX7e01d1QZ7qlnrMuQdQ_Kk3SPKdPRrZfzNiNJLSre9B-u9_JQVGNlmPPvNgQ5WLaibG0VFC58CEgPlzoBx3FK7xBb5kbDB05qjSJyCYWMOIGEcqCij3JGvp3ruwQ6vgOk5BSsailLuq2DRMIw9e5G5yORa9sq52bolr7FuXnpDxi7TRnUxyUAAEZLsImBoD1ITVnGEoTHFyXDgd8d3QpTBxv9VMkUC9r6FA-24aua_LDVsgGsUQ795HrzN9SfHGi7w7qxB-G8a3czroL5rg_sJ6BDnv0Sj39qxTre_1KS5w9Nedd6Kjvve5A4sAcJZf_8JWGxzXE01xwGKzjJ0wgQKKU7z7iX_RzZtnPpZc-xSU9LfZtwkuMpKvGETURq7hWJnI6gLez_Zim6Kqr73nprq5VeUKnLvNv8na9h5Z-sGNGGu2tGGpgWNF6bc8fwEyn6zQaGPzmuJribLblN5B6WtYGh0tcIfgv5_xQqp_TYi_s3kJXoWfXYlU0rJpshEU26ox0spD8a2U8fwfA9j8fqbi0J-nisoBK9EItQBDm9ets6NUOND-RFmxFT4Iz2o0tVfkzaenmXWZ7fw5wwAAbh_vbN-iEWruojTOa6qocRvemB_UqmRP_vPkP_dc8GmZPC4FcWNaenBL9guRk7JHPIYFMaL7xB5ZPHUSmLsT5r89-vY3hP-LQMOJt6nqYbnZijxB9G7LsQRhOlCsJ595S3j6aNACPw7-whrSHQaDrqancVZUaVl3bGAQREMA3sHgIO6T6Edgw13eksihBeN6XLXSlFnuESuCrrbVLcBXeQZui5DwfMNu1RZgP9jWn6W0clsngGe-54MX-dk98WeKBaogKijf_38Nj-eXlhpmDPYsX87RQBdju3VRqzXY6MP7hSBRDPw54NDIJrJPoNk8yZibEjkjDOREVimQea1UmNb5a0P2ilmn5T8fdeyN8XYjndEx5u6L9HT9Vv77tlB0FNIHn8uJgG5JiWQhIgFc7f2fQECuzqnzN3WfOXVs4X0RRIvzAPdKkaEmnG_TdSgHDdP7IIQnFv7HRy-XnsuHye3Y3Pq1SYj0aQuBhpDOGsz8imPx3KeF7FNFB-9bQKiFTQM8nJCxZavz4gJEb6MdSiA3JKrawoBf-CsTQtP-mSensEV4h5CmaJsOTgyTl9j1lmoVXon6iDe9RpX0Y4ly_3Fex3nXM3RTzuW0Eihd1NfdyNmSqZCNHgw5AM779QwDYpCUrvbLagrRXklzhTBHo32q0vybuO9lD44v_iCeKr8DHTPcO72vIwy2njCmh25yINy46Mj6jE1xS8-6U6V7h3IoSuC2Ltal11SG_rNhrOm5wpRibb2N0imeftVPXqSbWyu5egI0srwMzDG-sHmp-q36AvtJB3FDoe7-Vzyhn_oDanTQHME-hAME1rqTnJ5UnDvXX6Miy3r9Yj9dxntCFy62OjfVxPoTgrnpf0UheBnLbwTFhart_GpIb-SORshYLyz9PqNdhl7CqN8SffM_Bg6yZmGzDeXCkNX4MtwmlkNp3NWJjmvNl2EyO29ikvu6lQL-zC7jwrfTyu91pzaL37V9BaQ_TSB8bLq-Cbc69XAF6TMRgkYY5VYDj6_WYz8i0--kSMbQJP14TlqSVmanVEI6uUj_paEFK_CgcNiKub1d7LccG2ZnK6JGof5tJLRjPmbKNk9VGsH_2aXvxHQAydc7uSDpV_4Md_Phubbtr6S07zmUqt138rFjqMGB4lSXjsBkRQ36-uxolbvomM8IzBjEUWqhUBWby0ynZ_gi6rfl6-Raux1nHKnN_4pIwM2hZvX550ZlGKKjECR3lIMYOfwdasC9MTUI7E5duFoXc2c05gbRfzkBXWX3tkbjqpYtCjH_mFIxAjLdWTo0hDngHqV4IbAzMoRI9KlTQVqKdFxiRm1sPj&cid=CAASKORoljeyp5hnWohR30xPlEDSaAfcvcuCceHkjyvc68YSW3HMmUAr4LI&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
add6cba3305db57ebe9f85c70d6900da0a00599ad8550a4a5a4cc5a3e733ee2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EFB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0m8IOR0Ku68U4B7zZz4UVzdqSnCr0vC-mwTQg4AqpIugDroQb5Y_1QJKdpyXz8-97ig27ZZ7J-eo-AZE88gUtulRGxjLdiofjEMn83q_btm9F7S0
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2EFB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EFB 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2EFB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
l
www.google.com/ads/measurement/ Frame 2EFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS--O_QN7ix3Xc4jzu-HDLRKsnITLBwJpHTPfBQvTYk7TW9z5D_uclG1-zcd2i-jyOuwvCICeSu_my6tDJelZsd8p_yuw
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9E8E 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:52 GMT
expires
Mon, 12 Sep 2022 10:16:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame E516 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e561e56ff222d8c369687495f307eabb5d4999bcd64a228e00dd1df0d1683dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36897
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E516 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CX7ZVSXU49zBm8WlG1q3DgahYqHlG-MO8vv9ViA2hThzIDcxl5dTbGYD7ySGJtmRX5teTXlmQIm8XNZ2YmwsleXkjMOxL6VzPqViM28EzXzGSPB-I
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame E516 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E516 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame E516 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
l
www.google.com/ads/measurement/ Frame E516 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJYBotgYktQIB2298uEIFMgSme9mOrcg96pMgZETho8cLQ9eMGi1zpK6YZGil-KoQVRa7OUPsvisIQqvsnvr_GJreohw
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame FF45 		466 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjZ3N3SATAB&v=APEucNVPguo5A2zdoqqLzEeRr_hHal_naCDs_g09qkXam0n2IuVmHOl-lHuTbkStc3Fdu-6nEmjlQBcXWNyWCqwHefqVU0Zur_FM_hHp48BBHqnW7yHw0vTNEOH-p3e0OIUdUYjGW1ubLdAWEb42Nc3_DyjAW8xuI3pp7HIgEmgjUKNf2FTS-Ws
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:52 GMT
expires
Mon, 12 Sep 2022 10:16:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 287F 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a4edd546ff2c697bd791842c6a3b5614c9d81d33d3251c842007998e8c4f916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36879
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CifT546IjY_qs5i_y0lrf8g-q6ps8TeXCFH5BxNzl7uPGN3JYUatSK5IDnBBJ-T39XJPM2ZRSSMuVyYM8yFtSIcwwvDAk8AoJTwKfKUOhBi-bgb18
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 287F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 287F 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 287F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
l
www.google.com/ads/measurement/ Frame 287F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwO8qWij86OUfstxs6QyKXGR6wV1q_yZRJK3zUtNgAe33Bd0AxG7Rb5qvoo0-SPGc1UVaSzhJl300Iqnu31C2UdT12Bg
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977812862&oz_l=2561&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
adview
securepubads.g.doubleclick.net/pagead/ Frame DF89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbPrrEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSTAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbMEkSqJwMl67CfEVoJPhSnB3kAjBSn6sZ-A7eA-CAYqUiXk5Maj34AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=a0VkikE78hs&uach_m=[UACH]&cid=CAQSPwCsnQUxLosNfcoqP0vpmN2WBvL8aY3S54HYXu87G149KoptGdm-q0MB4HpiDqpOp9vvRUhNtqdSFGY27GBhihgB
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame DF89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Euv_CsoH-gGdg2ICAgAAAKFRO4yZdx9SH3zd6ivlr5wQEwcfY7p8SgLGDiGrGFcxABIAAA&wp=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:52 GMT
server
Kestrel
server-processing-duration-in-ticks
295609
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 454F 		152 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2de6c7d2d225761b129f6d26bbaaa9e647f48e758b5350684aea11f3afd2f806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Hsm37p4qTrAtEcrD361Jb0eqx5TCzFZ-EVPMjf1RZVprneEdTRXMdMH3rA3uZY6P1mOWHgDCwXMyqpqrAC06M5yeLp_87ctdhVC80TwixmxnX1v6T33QyHHW4QUTH6ZFOdDDoa-t_Mi-bhITnNgdVSqPIa3m3KtmTFzkPT76GgPp3Iosdyqn2TdIsfe0lEL2L3uN8PJ9bmamevhjL_dQg9Z80lM2x7MpdRVbXtAtqQ-63Q8wlSBV0lWr2flJyq1nz3amoA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
85984921
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame DF89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF89 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame DF89 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
l
www.google.com/ads/measurement/ Frame DF89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh0deet-p2tR7qndfkjyiCAetx_uT1FJ1SCvZ3Cu2uIG4N62Jj-KHjMYNbkf0zi0PKt9796unKfYIgbYCOmQb4iZ-onQ
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DF89 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 09:18:57 GMT
truncated
/ Frame B5BA 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3596fba3191356b9a93733b8dd0135e66eeea6dccf7627921228034bfe024eb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 20F4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195625ec7e482ee84008de1c765fb3a503db5767b8138233bdf86ee40bc25483

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C4F8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fff996b5959b08fb7ac6d1c1a2843bf0cf6698f96389cf5b28ee54eb636f256

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
abc.txt
static.avantisvideo.com/data/ Frame C4F8 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5c00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90b98930822e26b799b358fb5eb5fc8d9571db357986b771156651977f43c2fb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 07:43:18 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 07:40:03 GMT
server
AmazonS3
age
9295
etag
W/"aea53b2b83eada019a7b5d305655a4ae"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
_je-VG4pVMxsY8zKJjvV8kEB4IkwllfFPe-_4bj3_ZLY-z-IkZr_gA==
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame C4F8 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5c00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90b98930822e26b799b358fb5eb5fc8d9571db357986b771156651977f43c2fb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 07:43:18 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 07:40:03 GMT
server
AmazonS3
age
9295
etag
W/"aea53b2b83eada019a7b5d305655a4ae"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
nmZzq7LtVPGE423H-gnyM_fC87EaKws72WuRbPQyf8l4t2NeQ4u09g==
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame B5BA 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5c00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90b98930822e26b799b358fb5eb5fc8d9571db357986b771156651977f43c2fb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 07:43:18 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 07:40:03 GMT
server
AmazonS3
age
9295
etag
W/"aea53b2b83eada019a7b5d305655a4ae"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
fLs5PMgMs_UL68XUkd1UdfbHpNNLZa02R0L5BYGdxMDqQu54WBXYhQ==
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame B5BA 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5c00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90b98930822e26b799b358fb5eb5fc8d9571db357986b771156651977f43c2fb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 07:43:18 GMT
content-encoding
gzip
last-modified
Sun, 11 Sep 2022 07:40:03 GMT
server
AmazonS3
age
9295
etag
W/"aea53b2b83eada019a7b5d305655a4ae"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
eQRZcfovyFGVWqIzhPyY0my2DiAGD8GgFXrF0tqgrYRqorCgN8BLrw==
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
rum
dsum-sec.casalemedia.com/ Frame 1AB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e3e64d2e9b3f-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jP3skewe4oGj%2BXFS3Fgy%2BGwlMr7XTNinSragGZfpPkH7H9a7vrUbgmuODgGnT8SOttgGHZ5Xc%2BEPePK9kjgWC5Hj77zUq13IJ5iNSHx89lwCoMQBxiPa8FxY%2B84Tciy1KKlUSuRS%2FI0Sdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1AB9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx8HFWYZnuEys7aDbvpcNQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e3e8a90e9b3f-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gm4UNJ9FWeWXALu7cxGp1F4yPGVcJ60suGffvC0gZCcz0aXmMq3cmSq%2B2wDntMtmj%2Bn0DBxsTcWZS9onyjCDTYbqy4eDrV2hUkQy0V1PBxgUEXP88PD97Dl8H8Dv%2FAxcQqxIMOAT9hsRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6urueZXOmkNOjMBanmIuM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1AB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELMNrHF3gPXMqQjx9m5nBRs&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELMNrHF3gPXMqQjx9m5nBRs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:53 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0973ba77-9d49-41ff-aeb2-35ffa0272ab5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELMNrHF3gPXMqQjx9m5nBRs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1AB9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzNjkyMTk4NDY5NzE5OTc2Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzNjkyMTk4NDY5NzE5OTc2Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj2vpHSATAB&v=APEucNWIMPBeoTG9394x4Jpztp_QxgLi-JSpqGRZQeOcRh1ULLW5puO7h1IZx-QMWL8f7ue5nY_3az-9WBe_YIs4iJDgHm52LZJm818a5YNnMD2p1PhUAu9hf7xEi6lSB1GJdJNZzabyYxT6P3arI6jWCJjfUp-yYyb86vQ1OUmZ3POPKwGusWo
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:53 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
32dd60a6-beef-431d-b1a7-816c42a1a190
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMzNjkyMTk4NDY5NzE5OTc2Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2EFB 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Origin
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 10:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Sep 2022 10:43:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 2EFB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmRl3r9Ha8ABovHkz7mRMYVk3bsyLirKVsPWth47LZKH7LB6-iN9Pd93ZC1vDHzAeXw-WDt1F8AFGSDdmtNL8vVgsXQA&cry=1&dbm_d=AKAmf-BBun1YzJ06RYiEt5KKmlwEeGbmMXahSjIOeB4v68oszDR10p8Y7eKenx6xRfq2AqdcKhwKSFjivQdTYCT7xhTnVH43b19CMvBPTrcNJnRegQ4y7Xzf_b2WLK2rTVYx4UCSSs1osB9YXOdVIzI7nZKrguJIKdO749h6ZgDj2AczaiXaXlQ4sJPStVcDe0EI9F2xH-fPb5R39gF6CWLv90UnEbjqkkOdaFDjvyrQp6iR3L3cOeq2zGBu6Y2-m6a-Y2qlnMp6l16mmvuRwU6xM1BlUlDB1GOoXOB5sDXhJoS6QwIlDVsiWC1oIj1dIAvM_AOkgeb-8UIRMi4eIzkhcgEclYW_4cGhSgSU_-ZlSzRqjhXzdkZqE_aoVzolR_ZJpRD_zFM7t0IcH-ii5eaQoA-2ko-CMqtA9D-Lx-JysuZYAnD3V5u5PVG0Xd9o_FnUWrnpch1iuTPgegMtXE3DHnwAwNRHybnalwM0ZUaFpYPLS9PgDQQX0ANeE0vfj5KcnhPlHbzBxybGE7Z1jwnOP3mVp0LtQbkjW-WxW7JnK7pgMGtWmFhRwce2Sf5eM-Kj_n9LyA0k6c4HcjQ_KlfJIuudDhkn_ijL_zYQWa7NqZ9gtS2WF4MUtrtGeCgPVwhu3xQLVAF3oX6n6TQoZ2WbU-XpScMNuRRKvjr7Vu47dAQtBRgoXvcqjpWuO2Sz8z0IpGyVGIgru6oCs4lrEjJy94re1iTgeiqXV13T-3aqcz2Sb1g_aMjqXvVPUfcx8Na3ZXvM8Rn7SVepG7fpWTE6HjngK5zdej9B1Kx_NXOg91oKzL-C12yotTlCJ4Kty8uT1E7S0IHMYWBCIx9OUIwfC0oE-bHAwn58iPCJNrCCMpC8d240jVAtQ4BcQU2I77SvJIDArgjLdJlRRozK2nvJ_2Af38qQ5m4oKbaDFt9AGjqqomdB6Mhwrtlg0QWLCNkoMIz45VznHJngE6T3tTbjXgSKJfnhvsDl3KA8QRZ9aRgekAEPP1FgoG9Qnqjq1LLops5f-5MxAJPjfFrd3ha2DB2L9ZMnCUE1iinVrwyymKJo-1G0Ht5JxWjpYBKu-TB6XejoUuU58JwI0jKveMmIKfs_Off3esUvcU9xzPoLwnHiCOYytzXFj62_yFuCJIyb_cvDTLfazEq568wwOOo1ViV8-3EMEsiG9l1xwYJ-XW08sMrVIu_weZJF9huqopbP0DKpqk6QyKxc92HHcihyHcLUkKzgVrJgPQFFiaHtshuXRAGuElt9fzN1eFwVcCnrCFH2BHT3q6-fRD1VH1NtgnJjpAQtyUQswOnTwH2KjeyIoIFSP0tClR-im1dn8vdPKANgyl1-Pa5Vh9rEyCFmc5b0LS5yaBKkTN0DYTYnXqxL48nr7KP2LPNMQ3iJHUAvrsyX7e01d1QZ7qlnrMuQdQ_Kk3SPKdPRrZfzNiNJLSre9B-u9_JQVGNlmPPvNgQ5WLaibG0VFC58CEgPlzoBx3FK7xBb5kbDB05qjSJyCYWMOIGEcqCij3JGvp3ruwQ6vgOk5BSsailLuq2DRMIw9e5G5yORa9sq52bolr7FuXnpDxi7TRnUxyUAAEZLsImBoD1ITVnGEoTHFyXDgd8d3QpTBxv9VMkUC9r6FA-24aua_LDVsgGsUQ795HrzN9SfHGi7w7qxB-G8a3czroL5rg_sJ6BDnv0Sj39qxTre_1KS5w9Nedd6Kjvve5A4sAcJZf_8JWGxzXE01xwGKzjJ0wgQKKU7z7iX_RzZtnPpZc-xSU9LfZtwkuMpKvGETURq7hWJnI6gLez_Zim6Kqr73nprq5VeUKnLvNv8na9h5Z-sGNGGu2tGGpgWNF6bc8fwEyn6zQaGPzmuJribLblN5B6WtYGh0tcIfgv5_xQqp_TYi_s3kJXoWfXYlU0rJpshEU26ox0spD8a2U8fwfA9j8fqbi0J-nisoBK9EItQBDm9ets6NUOND-RFmxFT4Iz2o0tVfkzaenmXWZ7fw5wwAAbh_vbN-iEWruojTOa6qocRvemB_UqmRP_vPkP_dc8GmZPC4FcWNaenBL9guRk7JHPIYFMaL7xB5ZPHUSmLsT5r89-vY3hP-LQMOJt6nqYbnZijxB9G7LsQRhOlCsJ595S3j6aNACPw7-whrSHQaDrqancVZUaVl3bGAQREMA3sHgIO6T6Edgw13eksihBeN6XLXSlFnuESuCrrbVLcBXeQZui5DwfMNu1RZgP9jWn6W0clsngGe-54MX-dk98WeKBaogKijf_38Nj-eXlhpmDPYsX87RQBdju3VRqzXY6MP7hSBRDPw54NDIJrJPoNk8yZibEjkjDOREVimQea1UmNb5a0P2ilmn5T8fdeyN8XYjndEx5u6L9HT9Vv77tlB0FNIHn8uJgG5JiWQhIgFc7f2fQECuzqnzN3WfOXVs4X0RRIvzAPdKkaEmnG_TdSgHDdP7IIQnFv7HRy-XnsuHye3Y3Pq1SYj0aQuBhpDOGsz8imPx3KeF7FNFB-9bQKiFTQM8nJCxZavz4gJEb6MdSiA3JKrawoBf-CsTQtP-mSensEV4h5CmaJsOTgyTl9j1lmoVXon6iDe9RpX0Y4ly_3Fex3nXM3RTzuW0Eihd1NfdyNmSqZCNHgw5AM779QwDYpCUrvbLagrRXklzhTBHo32q0vybuO9lD44v_iCeKr8DHTPcO72vIwy2njCmh25yINy46Mj6jE1xS8-6U6V7h3IoSuC2Ltal11SG_rNhrOm5wpRibb2N0imeftVPXqSbWyu5egI0srwMzDG-sHmp-q36AvtJB3FDoe7-Vzyhn_oDanTQHME-hAME1rqTnJ5UnDvXX6Miy3r9Yj9dxntCFy62OjfVxPoTgrnpf0UheBnLbwTFhart_GpIb-SORshYLyz9PqNdhl7CqN8SffM_Bg6yZmGzDeXCkNX4MtwmlkNp3NWJjmvNl2EyO29ikvu6lQL-zC7jwrfTyu91pzaL37V9BaQ_TSB8bLq-Cbc69XAF6TMRgkYY5VYDj6_WYz8i0--kSMbQJP14TlqSVmanVEI6uUj_paEFK_CgcNiKub1d7LccG2ZnK6JGof5tJLRjPmbKNk9VGsH_2aXvxHQAydc7uSDpV_4Md_Phubbtr6S07zmUqt138rFjqMGB4lSXjsBkRQ36-uxolbvomM8IzBjEUWqhUBWby0ynZ_gi6rfl6-Raux1nHKnN_4pIwM2hZvX550ZlGKKjECR3lIMYOfwdasC9MTUI7E5duFoXc2c05gbRfzkBXWX3tkbjqpYtCjH_mFIxAjLdWTo0hDngHqV4IbAzMoRI9KlTQVqKdFxiRm1sPj&cid=CAASKORoljeyp5hnWohR30xPlEDSaAfcvcuCceHkjyvc68YSW3HMmUAr4LI&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:14:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 2EFB 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmRl3r9Ha8ABovHkz7mRMYVk3bsyLirKVsPWth47LZKH7LB6-iN9Pd93ZC1vDHzAeXw-WDt1F8AFGSDdmtNL8vVgsXQA&cry=1&dbm_d=AKAmf-BBun1YzJ06RYiEt5KKmlwEeGbmMXahSjIOeB4v68oszDR10p8Y7eKenx6xRfq2AqdcKhwKSFjivQdTYCT7xhTnVH43b19CMvBPTrcNJnRegQ4y7Xzf_b2WLK2rTVYx4UCSSs1osB9YXOdVIzI7nZKrguJIKdO749h6ZgDj2AczaiXaXlQ4sJPStVcDe0EI9F2xH-fPb5R39gF6CWLv90UnEbjqkkOdaFDjvyrQp6iR3L3cOeq2zGBu6Y2-m6a-Y2qlnMp6l16mmvuRwU6xM1BlUlDB1GOoXOB5sDXhJoS6QwIlDVsiWC1oIj1dIAvM_AOkgeb-8UIRMi4eIzkhcgEclYW_4cGhSgSU_-ZlSzRqjhXzdkZqE_aoVzolR_ZJpRD_zFM7t0IcH-ii5eaQoA-2ko-CMqtA9D-Lx-JysuZYAnD3V5u5PVG0Xd9o_FnUWrnpch1iuTPgegMtXE3DHnwAwNRHybnalwM0ZUaFpYPLS9PgDQQX0ANeE0vfj5KcnhPlHbzBxybGE7Z1jwnOP3mVp0LtQbkjW-WxW7JnK7pgMGtWmFhRwce2Sf5eM-Kj_n9LyA0k6c4HcjQ_KlfJIuudDhkn_ijL_zYQWa7NqZ9gtS2WF4MUtrtGeCgPVwhu3xQLVAF3oX6n6TQoZ2WbU-XpScMNuRRKvjr7Vu47dAQtBRgoXvcqjpWuO2Sz8z0IpGyVGIgru6oCs4lrEjJy94re1iTgeiqXV13T-3aqcz2Sb1g_aMjqXvVPUfcx8Na3ZXvM8Rn7SVepG7fpWTE6HjngK5zdej9B1Kx_NXOg91oKzL-C12yotTlCJ4Kty8uT1E7S0IHMYWBCIx9OUIwfC0oE-bHAwn58iPCJNrCCMpC8d240jVAtQ4BcQU2I77SvJIDArgjLdJlRRozK2nvJ_2Af38qQ5m4oKbaDFt9AGjqqomdB6Mhwrtlg0QWLCNkoMIz45VznHJngE6T3tTbjXgSKJfnhvsDl3KA8QRZ9aRgekAEPP1FgoG9Qnqjq1LLops5f-5MxAJPjfFrd3ha2DB2L9ZMnCUE1iinVrwyymKJo-1G0Ht5JxWjpYBKu-TB6XejoUuU58JwI0jKveMmIKfs_Off3esUvcU9xzPoLwnHiCOYytzXFj62_yFuCJIyb_cvDTLfazEq568wwOOo1ViV8-3EMEsiG9l1xwYJ-XW08sMrVIu_weZJF9huqopbP0DKpqk6QyKxc92HHcihyHcLUkKzgVrJgPQFFiaHtshuXRAGuElt9fzN1eFwVcCnrCFH2BHT3q6-fRD1VH1NtgnJjpAQtyUQswOnTwH2KjeyIoIFSP0tClR-im1dn8vdPKANgyl1-Pa5Vh9rEyCFmc5b0LS5yaBKkTN0DYTYnXqxL48nr7KP2LPNMQ3iJHUAvrsyX7e01d1QZ7qlnrMuQdQ_Kk3SPKdPRrZfzNiNJLSre9B-u9_JQVGNlmPPvNgQ5WLaibG0VFC58CEgPlzoBx3FK7xBb5kbDB05qjSJyCYWMOIGEcqCij3JGvp3ruwQ6vgOk5BSsailLuq2DRMIw9e5G5yORa9sq52bolr7FuXnpDxi7TRnUxyUAAEZLsImBoD1ITVnGEoTHFyXDgd8d3QpTBxv9VMkUC9r6FA-24aua_LDVsgGsUQ795HrzN9SfHGi7w7qxB-G8a3czroL5rg_sJ6BDnv0Sj39qxTre_1KS5w9Nedd6Kjvve5A4sAcJZf_8JWGxzXE01xwGKzjJ0wgQKKU7z7iX_RzZtnPpZc-xSU9LfZtwkuMpKvGETURq7hWJnI6gLez_Zim6Kqr73nprq5VeUKnLvNv8na9h5Z-sGNGGu2tGGpgWNF6bc8fwEyn6zQaGPzmuJribLblN5B6WtYGh0tcIfgv5_xQqp_TYi_s3kJXoWfXYlU0rJpshEU26ox0spD8a2U8fwfA9j8fqbi0J-nisoBK9EItQBDm9ets6NUOND-RFmxFT4Iz2o0tVfkzaenmXWZ7fw5wwAAbh_vbN-iEWruojTOa6qocRvemB_UqmRP_vPkP_dc8GmZPC4FcWNaenBL9guRk7JHPIYFMaL7xB5ZPHUSmLsT5r89-vY3hP-LQMOJt6nqYbnZijxB9G7LsQRhOlCsJ595S3j6aNACPw7-whrSHQaDrqancVZUaVl3bGAQREMA3sHgIO6T6Edgw13eksihBeN6XLXSlFnuESuCrrbVLcBXeQZui5DwfMNu1RZgP9jWn6W0clsngGe-54MX-dk98WeKBaogKijf_38Nj-eXlhpmDPYsX87RQBdju3VRqzXY6MP7hSBRDPw54NDIJrJPoNk8yZibEjkjDOREVimQea1UmNb5a0P2ilmn5T8fdeyN8XYjndEx5u6L9HT9Vv77tlB0FNIHn8uJgG5JiWQhIgFc7f2fQECuzqnzN3WfOXVs4X0RRIvzAPdKkaEmnG_TdSgHDdP7IIQnFv7HRy-XnsuHye3Y3Pq1SYj0aQuBhpDOGsz8imPx3KeF7FNFB-9bQKiFTQM8nJCxZavz4gJEb6MdSiA3JKrawoBf-CsTQtP-mSensEV4h5CmaJsOTgyTl9j1lmoVXon6iDe9RpX0Y4ly_3Fex3nXM3RTzuW0Eihd1NfdyNmSqZCNHgw5AM779QwDYpCUrvbLagrRXklzhTBHo32q0vybuO9lD44v_iCeKr8DHTPcO72vIwy2njCmh25yINy46Mj6jE1xS8-6U6V7h3IoSuC2Ltal11SG_rNhrOm5wpRibb2N0imeftVPXqSbWyu5egI0srwMzDG-sHmp-q36AvtJB3FDoe7-Vzyhn_oDanTQHME-hAME1rqTnJ5UnDvXX6Miy3r9Yj9dxntCFy62OjfVxPoTgrnpf0UheBnLbwTFhart_GpIb-SORshYLyz9PqNdhl7CqN8SffM_Bg6yZmGzDeXCkNX4MtwmlkNp3NWJjmvNl2EyO29ikvu6lQL-zC7jwrfTyu91pzaL37V9BaQ_TSB8bLq-Cbc69XAF6TMRgkYY5VYDj6_WYz8i0--kSMbQJP14TlqSVmanVEI6uUj_paEFK_CgcNiKub1d7LccG2ZnK6JGof5tJLRjPmbKNk9VGsH_2aXvxHQAydc7uSDpV_4Md_Phubbtr6S07zmUqt138rFjqMGB4lSXjsBkRQ36-uxolbvomM8IzBjEUWqhUBWby0ynZ_gi6rfl6-Raux1nHKnN_4pIwM2hZvX550ZlGKKjECR3lIMYOfwdasC9MTUI7E5duFoXc2c05gbRfzkBXWX3tkbjqpYtCjH_mFIxAjLdWTo0hDngHqV4IbAzMoRI9KlTQVqKdFxiRm1sPj&cid=CAASKORoljeyp5hnWohR30xPlEDSaAfcvcuCceHkjyvc68YSW3HMmUAr4LI&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:15:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGhUyF_Fh8SYGFbi3IG4dmY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGhUyF_Fh8SYGFbi3IG4dmY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGhUyF_Fh8SYGFbi3IG4dmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9E8E 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9E8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA1Y7abTLMCEROMbikNxmFs&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA1Y7abTLMCEROMbikNxmFs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 10:16:53 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA1Y7abTLMCEROMbikNxmFs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9E8E 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjg193SATAB&v=APEucNWAOHpQnL8QV246hztZxAlpCcJjqy5qlfDp6F1TpIX9FyHSVqtvdiTUhOKWMGhQecF6qt2cIFfKYBEjtaO4o3lfOvc0J6lq6mVitMv6fT0vbSMerz3VC-ZsQyEcJDpdsJe0GLed_aEPwbd1FycYtXlfKDblli2Bnu008cRslGrdbKpY_6Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 10:16:53 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame FF45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEB6mKVr7fhySzNH3By1A2NE&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEB6mKVr7fhySzNH3By1A2NE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjZ3N3SATAB&v=APEucNVPguo5A2zdoqqLzEeRr_hHal_naCDs_g09qkXam0n2IuVmHOl-lHuTbkStc3Fdu-6nEmjlQBcXWNyWCqwHefqVU0Zur_FM_hHp48BBHqnW7yHw0vTNEOH-p3e0OIUdUYjGW1ubLdAWEb42Nc3_DyjAW8xuI3pp7HIgEmgjUKNf2FTS-Ws
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
140
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEB6mKVr7fhySzNH3By1A2NE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF45
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVkYTQ3OWQtMzI4NC0xMWVkLTg0MzYtMWE0MDRmZDUwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVkYTQ3OWQtMzI4NC0xMWVkLTg0MzYtMWE0MDRmZDUwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjZ3N3SATAB&v=APEucNVPguo5A2zdoqqLzEeRr_hHal_naCDs_g09qkXam0n2IuVmHOl-lHuTbkStc3Fdu-6nEmjlQBcXWNyWCqwHefqVU0Zur_FM_hHp48BBHqnW7yHw0vTNEOH-p3e0OIUdUYjGW1ubLdAWEb42Nc3_DyjAW8xuI3pp7HIgEmgjUKNf2FTS-Ws
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 10:16:53 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVkYTQ3OWQtMzI4NC0xMWVkLTg0MzYtMWE0MDRmZDUwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
96
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FF45
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KTVEzNFAxRTJ1R1MzTTIxa2JlSzQ0SVN4RGRRMEpweX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KTVEzNFAxRTJ1R1MzTTIxa2JlSzQ0SVN4RGRRMEpweX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKXF4wEQjtLWAhjZ3N3SATAB&v=APEucNVPguo5A2zdoqqLzEeRr_hHal_naCDs_g09qkXam0n2IuVmHOl-lHuTbkStc3Fdu-6nEmjlQBcXWNyWCqwHefqVU0Zur_FM_hHp48BBHqnW7yHw0vTNEOH-p3e0OIUdUYjGW1ubLdAWEb42Nc3_DyjAW8xuI3pp7HIgEmgjUKNf2FTS-Ws
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KTVEzNFAxRTJ1R1MzTTIxa2JlSzQ0SVN4RGRRMEpweX5B
date
Mon, 12 Sep 2022 10:16:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
skeleton.js
fw.adsafeprotected.com/rjss/st/1164679/65554027/ Frame E516 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1164679/65554027/skeleton.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings.com/events/harvest_moon_festival/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8ITHbx0sim-Hg-cKuDlsG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.80.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-80-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
92c7c239cae66edd919b8bd6cdd321df0cb5bdce931b4a2a4a15861af81abb42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame E516 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:15:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame E516 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:14:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E516 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFsQlq9o3xHizXUmz442GGNcLF-57YqEbQsQMJ0ae0cjQ50nPuUdxiVpWBG149U-AzUUzvQR35iQe_FlA6_pXWufQWFlrvxf9b1t2B3GbJqX3WSHDKySHNYYMbnAXK6puKaDXAclPK_AK1cOaJuu2plG-8CstpVNKo1F2Kjrm20cxGsuCv-y8O1_XpK2YIFrPmkiufOw80KxXvrPLdfMULn9_IZpVtvUbQSidihrATEyYzh_vJTSQNNOSwYNqrpZw2YDoAsxHvw_sHpyxH5nzf52M0DmFHPzmZsszCkFOWDO15IdWbY6rkl_Lw2zzpiS7eC1p2vBpsxmDlSSBsdhAFfK6AsEk7-77vbBZFnxG7ak1i57aZLCZmuQcPGE5xL4JU07rtCI6MK9e2Q5vqNvgRmsIGuyA1Es3oJjB8_9sH59csXfmwORZku0yrfeDN5Sj9-OeYHUrHiAdziQzLAuuXNg0ETql4y0Bsx4twceVbi2stmPSnAsedLutm27DtbLL3tEZo9w1UUO3tYiGDueNw_slFTjDfH1lAcdCSbT_JFrYSeEbMEHWpilTLCDE2IuudAukm9DSNLKxQKET0m4nJtbxuExTeJofBdeBjABSRVlM0FESDVSaitnsEnkONiHLf034Prtuv5R6M88gsGvX3-wddmbPnIfKUXXs8j4CaEJmKcr6lYaHOaLAhyG2lN2M9sFRd88dG-Cmze4odZDoRMoRI-ZIBMdPMSJRraA_GKodNCEWh0_0hiVq5ZTfnHFSdHfVyJzwrMlCqgvFf5_cUCDvO4EQp99yB2LnVBqpzk-bKiwer67AF0nGRfVQEjzVZsgFozxUj2YbILgxYH2qOm3px7sO26UVQQO3C-wZwTwN7e7QFoH2IP19E57-OveGjlTO4GbcW3_TqS4WN7Rb4WJmnnqrzmhmk60g4IP_meMgvbyyX_fnQpZYn9nUgyOqS-I4hhkzsVP6AXkNbeRGyomL3f9AaYvWeoh7tPa-AybNP4_hL4T8F5WoKJwtyZJcXDOuqAKesQjrBpswJZbCXhe9IZSah5xnNGX-7XgoMxQONqLHBUe6N_JjPy3b7Eslr9mIWncu2PV6n89CTYiMSD6KoCpCLFOnojHuOlzYu4aOLDnTEu2AKKitm6XNXnm3xKZOitAaLId2b2Kh5agitcVXF8s-AbvPcAbM8-ao-pnHuuRPtddnVDAaBRAr71-7JsfuS85PxCvlygYan9LcK8-6q9L48Ra4&sai=AMfl-YQxxx_kejK6os1jMTSRZq-Q2oCxC9fAXBwhJOpU7LVtJWTuD8MILGDNYremqLMvIH2ymEFOrVkSJSICB2aUJWvYcszNEljEnQFNCyOxsQ2O2KDH5u38zh9lOo2Rgx2UMae1brvRLn9FhZ0x79Z9RLoEw7bMZFdoawX94eDhNn_E3d2kca5wHkMQytgSq_BUTylWkpW8P1jgoUF_3D1vIlLFmRYHPa1bWaoU&sig=Cg0ArKJSzMXJiA0eYOK1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220907.83697&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 10:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/ Frame E516 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/?ft_custom=345230444&imageType=gif&ftDestID=25103801&ft_width=1&ft_height=1&click=&ftOBA=0&ftExpTrack=&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_section=28516514_345230444_536926641_177789621&ft_custom=345230444&cachebuster=1337203844
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app2.frk11 /
Resource Hash
f0497ff2538226b707c0602314acfd2708c2fef2809d5631afd405ab3b205287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:53 GMT
Server
prod-xre-app2.frk11
X-HW
1662977813.dop241.fr8.t,1662977813.cds154.fr8.shn,1662977813.dop241.fr8.t,1662977813.cds265.fr8.sc,1662977813.cds265.fr8.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1801
Expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E516 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
3205611837981679021
s0.2mdn.net/simgad/ Frame E516 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3205611837981679021
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6474b569cf06c534a4d2dc329a4c3caa7dfaa6f9d5096afe821c44eba7454b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:00:03 GMT
x-content-type-options
nosniff
age
357410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57231
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 15:43:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:00:03 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1164679/65553624/ Frame 287F 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1164679/65553624/skeleton.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings.com/events/harvest_moon_festival/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jPq-phTAvvVOMl24CCrrwd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.80.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-80-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
52ad4bae190b8050815264d86b0021df2ff02a855f38af2267c2c2dd0fbd4047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 287F 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:15:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 287F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:14:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 287F 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwvG-lNCs0cxAjMxW946MLmfnzzUSvLUCOSLRfiuowQl1y2Kp2YDQiYrSL3agZ80TFxpIXpVza2JS3iUU14z7x-h92y9YDxQ5eRA-ywIEZzue1fcNqR42rIJjAs9epQOGx87vD5BhzftC2HEwBpJJR7aCsvQ4qKMOsKXh0KhHxWcWWUTmnZFHhzj0sBMoYe2oRUO-U6o_rUfAGkwS2MG9OQ99uQfYRf4ofWHTc4ysRgkJOCeosLDe6mFN3ix3SwuJ9tbtHI1pVkea9nU71LG8IPT4iyU6p6Njm96vlq34aPt1nCeBU__piDdpjW4BHW_AHtuwRy0zxQh-eORpANajynTggUNrMsASKWoqbxIz0zUel0NQuKtNoreFzkicnoYaOpS1cT13ch4Sgk0G7h6-WLtjrdVw2Vo41hLd01cebKQSCGiBxQ55BEBPJRPQCDETWSGvmSqYM01T4wMWROuMhjm5S8YM_FrRAoDu1mUoBbeZ0SlPoFBk8vnZExd5b6HoOFxPvVq6EjIs-kAR2n6a0XTciOVkpYUXaAmDmihbBEp5xSwg3oLo2dXD1-msJjJ1mWcIeHpwinc2J9O_VqQEQvFHELLuFD-OPeiZrb3lk2qor43e7ANWccZ4ux0jcc_gGw8YRNUCbD1kAkuIhIrMVM0Tw3TYmRwOGVNPlQMeSzt8ne-qWelU3DXCZr_MKJwqHFBCcZwKJEnOs-_AVqoq-Rvjdh6fdYJOszc-1cyFcuaq_B-6F5CnmwFC5lQWw8W0Ojt7N2cK9CUhKlHSSZT71tz94flLXg2QlAmaIxFa5NQVF_y2IRDo9GccfIm5GmUQz9UKu_ThYh7zoNGLXRysZwtsk5gv91iadAGkNkSsOMGrnZuYwL-aB3bV_8PnblZm1yB0VJGUrdykT7ByVnbg7IQVZBAWVY9HmkrIivRbtK4zbQsm61zpesSUYjr8w3MD72ggJ53Nl1muZuv6OFXHcx8lDG4KaRW5ucQJRtJ_t2shI0ZsAxfo0Z6FjuowEzJ0fQIESVlZcFsALe2IWTnAaiKawGomIlpqXvLWsb5tsBHm8Aj6EYGdKg-iGUW6fi6vQeaJZqnrfbIwtNeenRw8J7QP46qQ8FfinSlQWobELTB_eqhGQzeibJPqVBxonrlEwp51WCfXZ04wDqbm8AxQoL58e3AfUZbHPELoPAf-C00GfTWh7JvcOsCb_3bGes-qE_4qMHrIb2bbE1vWILr-DTTuqqHxbo6s&sai=AMfl-YSGb664wkPBTaAvIswHhGH2b8rzCOfcJJPQfSu8YonLfbloLcE2vqPdR039AlEu6jDkybhZauCIYAWID3Pne_JePAZ3UaeceKphZqLD46Nx9QlvEj3r7G4AAiM1jjSMj32UX02uqdrjyc5a1F6F-uYIB75SMcudYEn1pAkVHa9DZbQz-gZzmgG8ukc3Fup87IQ4YnLq18JXrTj2gHVSNNr3YkLuVnYTv-pK&sig=Cg0ArKJSzJWUMr1ffdHAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220907.29162&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 10:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/ Frame 287F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/?ft_custom=345238439&imageType=gif&ftDestID=25103801&ft_width=1&ft_height=1&click=&ftOBA=0&ftExpTrack=&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_section=28516514_345238439_537160483_177792315&ft_custom=345238439&cachebuster=613240747
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app3.frk11 /
Resource Hash
745e689502f010db092887a967fb6581a58282ce792603161cf63772ec59d0b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:53 GMT
Server
prod-xre-app3.frk11
X-HW
1662977813.dop008.fr8.t,1662977813.cds010.fr8.shn,1662977813.dop008.fr8.t,1662977813.cds228.fr8.sc,1662977813.cds228.fr8.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1800
Expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 287F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
17436589675331516138
s0.2mdn.net/simgad/ Frame 287F 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17436589675331516138
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
613d5dd7a3d8e9cd3a8e1537c3f01e12f04b7ef61c64fd937d83ffce0edafcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 07:00:02 GMT
x-content-type-options
nosniff
age
357411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54112
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 15:41:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 07:00:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2010 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
1695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2010 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
8757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1DE2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
1695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 13 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1DE2 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
8757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:50:56 GMT
/
events1.avantisvideo.com/ Frame C4F8 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
/
events1.avantisvideo.com/ Frame C4F8 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C4F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwmT6-8RRCoetugipqoUjrHVlu7cLz74DnDo9Zn38Xq1dkDNo0trqzMR67vuMEoQNIB0U4P4rufTFGmJeAZ-K-FnY7jYEDCryoMv7ufrNmqp9yHChJZ_TBLml1QkETStlbkj4_aRICI0xPS6MWPxzLkdfDbzd6n7vto8dVO65hXp1YNoXjzXTnJ4Y7YtvznnPP7LQCIs-xcb79q4k5OG39t2DdgfL1OmTmzfZGqUjpwM2HESkMtcq5RMJEYU1rzoB-0cay9L8PG8bbNWZ7tmvAVEqejlDEaI38CKB7kutTMtGSW8TiCUNFX2KNIUu8VUvJBm6zIagH2eAxlaKNTq3zqrqPug8mIxh8WTk&sai=AMfl-YSFSGts9BcUw42sxDPMF5AhQ3USa7XmvVI8sSkrDPVikeU6f7D9FTZ62yxp76xgx_0MEYoge6XhJlXrmXpT861hsp-bNc8Wwx1GIETTsHyUCBPn5iyuDoMmGHV7pkBZC3g&sig=Cg0ArKJSzFQ5tp7OWoXWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 10:16:53 GMT
/
events1.avantisvideo.com/ Frame B5BA 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
/
events1.avantisvideo.com/ Frame B5BA 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPFrH5vYFQc2SBCAYyocfJvn7L_ZBwvX8cv1Kb-i0TYWoqX5Z0q2AjN2r_xJjG1QYwj63JlQdkabV5JYdkbAY2-JZ6CIl9iHZOBHHXuejFRh-NFUIhpa5Mf9mgvbUPNGNxGwN0tR7tqnvsr5VDeA51ZD51GgOqI6p7U1hFeJ15fK8hrXT5evPdAWKGNouKkRI2YD_fMlTDvOjNUak9HZG4D_wSjrGzSdkV0hF7ks7B4k0XoltpP6rHo7NwoEAA36nTCvEegowxzuOxgjPe4NlB8rtCsvrQZHZS8FKc8D3WkOKhg5Prqh65mv915cU4WrLX2NZaBQ3EkAYcpJrZsnA1-RnbUsTBR8GX786LXl4No2FR-Zs&sai=AMfl-YTff-unqhX6ONp1QYbanC6sHZI76oHAVjtEtgpFCr7cwVVw9PsBtVzaD3bDh1oHNOAVH68Azfa2ZXMI22vA9VG8rjzg7Xgypm39I6MPuKKsOeF1jT5zzGFmeAvqfEH2PqA&sig=Cg0ArKJSzJ_LqrRGkWPsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 10:16:53 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 20F4 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 20F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 20F4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 96EC 		97 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32c637556945a20e24623cc2af8a99729a245eaaa85024152edf2003411bb870
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMep3I6Dj_oCFdXs7QodtyoFLg&gqi=FQcfY8mKG8SLtwemu4iQCA&layout=/sadbundle/%24csp%253Der3%24/14081140813452513368/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
38241
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMep3I6Dj_oCFdXs7QodtyoFLg&gqi=FQcfY8mKG8SLtwemu4iQCA&layout=/sadbundle/%24csp%253Der3%24/14081140813452513368/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
u_d.html
cdn1.avantisvideo.com/connect/ Frame 67D9 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27111
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 02:45:06 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-id
7y0eCZtDkx8dV0gJW80YI6nxiqfRpCTLrOiKeDGytcAF1xzVWVUEXA==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
u_d.html
cdn1.avantisvideo.com/connect/ Frame D968 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27111
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 02:45:06 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-id
P9d0ln3srVp6EYfPYLatVwF7Bw20KMNFGCFaGJJsu78Ow-t7jBBjEQ==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977813306&oz_l=62&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:53 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 914B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 09:32:53 GMT
expires
Tue, 12 Sep 2023 09:32:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2FE5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81aaa14e2744ae6089afbb1073ceb19749d08eb36035bf3ea616549e3d6a9ede
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K9hQvEKXIBdg07pmoogTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-K9hQvEKXIBdg07pmoogTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:53 GMT
expires
Mon, 12 Sep 2022 10:16:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
privacy_small.svg
static.criteo.net/flash/icon/ Frame 454F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:53 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 454F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 454F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Sep 2023 10:16:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 454F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Sep 2023 10:16:53 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 454F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PKyUGNzcxLb0aY-tLF4OOKXLC6JLJ6H_HZ2Pc20dqSfF0EGo8yoYhf-KHxt00zT-KrmDqED9YkRAJTZInRVgsBlNDYiO78gcbAKuGJVgrPFRWaL98DPUC9YCrrP0_wzFoiHecTVcWeRx98G7yGYhbld89QJpNW-UPiPyFhA0zBmBS6yuZ653fQet1c3_28YkukdXY4gTOPs209eJ7GCG4a6QD5h_YgXq8jL8hZa95etJWw-z2EWr0NFWuvtLttA_6cH-QV-hC8fGYRdl7m79PvKx3KYGOzQZu-Pt1EnbfyK8VqbDqDgO0w31GDSM0HatoPNgyMcg3SbhQyPrAObkeYewKavA7rUFfY1QPqqwV0Kf8MKfw8TDkInY9H8JMfhItnFQpJxjE7O_tCi-tN94Vj_hWkBbIQNxX9K5hKrB5p8gmZe3gkV7nPBqtR0lreMD6VQ_cA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:52 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2857015
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E516 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFsQlq9o3xHizXUmz442GGNcLF-57YqEbQsQMJ0ae0cjQ50nPuUdxiVpWBG149U-AzUUzvQR35iQe_FlA6_pXWufQWFlrvxf9b1t2B3GbJqX3WSHDKySHNYYMbnAXK6puKaDXAclPK_AK1cOaJuu2plG-8CstpVNKo1F2Kjrm20cxGsuCv-y8O1_XpK2YIFrPmkiufOw80KxXvrPLdfMULn9_IZpVtvUbQSidihrATEyYzh_vJTSQNNOSwYNqrpZw2YDoAsxHvw_sHpyxH5nzf52M0DmFHPzmZsszCkFOWDO15IdWbY6rkl_Lw2zzpiS7eC1p2vBpsxmDlSSBsdhAFfK6AsEk7-77vbBZFnxG7ak1i57aZLCZmuQcPGE5xL4JU07rtCI6MK9e2Q5vqNvgRmsIGuyA1Es3oJjB8_9sH59csXfmwORZku0yrfeDN5Sj9-OeYHUrHiAdziQzLAuuXNg0ETql4y0Bsx4twceVbi2stmPSnAsedLutm27DtbLL3tEZo9w1UUO3tYiGDueNw_slFTjDfH1lAcdCSbT_JFrYSeEbMEHWpilTLCDE2IuudAukm9DSNLKxQKET0m4nJtbxuExTeJofBdeBjABSRVlM0FESDVSaitnsEnkONiHLf034Prtuv5R6M88gsGvX3-wddmbPnIfKUXXs8j4CaEJmKcr6lYaHOaLAhyG2lN2M9sFRd88dG-Cmze4odZDoRMoRI-ZIBMdPMSJRraA_GKodNCEWh0_0hiVq5ZTfnHFSdHfVyJzwrMlCqgvFf5_cUCDvO4EQp99yB2LnVBqpzk-bKiwer67AF0nGRfVQEjzVZsgFozxUj2YbILgxYH2qOm3px7sO26UVQQO3C-wZwTwN7e7QFoH2IP19E57-OveGjlTO4GbcW3_TqS4WN7Rb4WJmnnqrzmhmk60g4IP_meMgvbyyX_fnQpZYn9nUgyOqS-I4hhkzsVP6AXkNbeRGyomL3f9AaYvWeoh7tPa-AybNP4_hL4T8F5WoKJwtyZJcXDOuqAKesQjrBpswJZbCXhe9IZSah5xnNGX-7XgoMxQONqLHBUe6N_JjPy3b7Eslr9mIWncu2PV6n89CTYiMSD6KoCpCLFOnojHuOlzYu4aOLDnTEu2AKKitm6XNXnm3xKZOitAaLId2b2Kh5agitcVXF8s-AbvPcAbM8-ao-pnHuuRPtddnVDAaBRAr71-7JsfuS85PxCvlygYan9LcK8-6q9L48Ra4&sai=AMfl-YQxxx_kejK6os1jMTSRZq-Q2oCxC9fAXBwhJOpU7LVtJWTuD8MILGDNYremqLMvIH2ymEFOrVkSJSICB2aUJWvYcszNEljEnQFNCyOxsQ2O2KDH5u38zh9lOo2Rgx2UMae1brvRLn9FhZ0x79Z9RLoEw7bMZFdoawX94eDhNn_E3d2kca5wHkMQytgSq_BUTylWkpW8P1jgoUF_3D1vIlLFmRYHPa1bWaoU&sig=Cg0ArKJSzMXJiA0eYOK1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=325&vt=11&dtpt=321&dett=2&cstd=0&cisv=r20220907.83697&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfxI_J_5RiCLawwd419AVuYw1DpQz7BBmaGlP1WN6A8sspMwryMku7c1YWcXv4DZidQq-yzZfBwGPUrs2MUEeEjYRZq9XBt0NOx4DZhDYEDEHEQ84WKFt9vgXA07JYu31ZdkNuVjrqzstsoiIgxxTgEDCXKA&dbm_d=AKAmf-CZORgzM3ALTuwXVzSL_Nm-RVkBXq8sKWPLd6esOIWx8lkbP9EB0BT67XdFMjYvvEA573mb2e-BLBMzO0SomOcQcawYMxExi9zdYdt9o7w0GtSxKH_ExBgJapyJc1EYUgiI2MgOiygvMTL8u19fNztQceB-mrswoyjWG6jQBDwL1izUWNOrh0IZL11cDr39xQ4apsERlnWzq7VrfLMbjjAkG3gF4_j41GhO_znTGNkMDurqYUlBo4_TQV6jMnfKne8e8W-fYQycnIpH4lbeVa6HxCKemtwwTYcGDAYQWj9yzQiHGejJygswX5FeCY4jNx0RRxeh_BtWK8yQ2CiMJH51pIhc1G0Xia00LDdd23IKKdlQZG9XyzY_r-EcLuKv6QswDsyqDAHndrWuZFbvZCLn_Q1SvYK4ydUGBq-e7LLPQKSP9xFRSxlkpCwJ5kfq4P3_gjB6EhAHtAOvuKtvtM_c4Tn3rtpVUsNE2KUbSABEm8uw1bDThEkQpH6NHD37oeACuxN34XaNWGltSK7h3IZvHvLxiTYxtXcD0A-bAdusaQv-R_qOlcmUOu_7Of5jhdBS7NG4gTLVYfV81i6PHQehRpH3t4PLKfPwPsGQFhKsiGLG13reNmDArY9SNjAE3hWkyfSmhncZqG9eaq3tdjUhKE3HyNOnke8avEZ7p_weJ5wfG212P2Snul_2qFYGlujTMrhF5Fp6NHabD1qVLv2LEkOj2KcEvz4OGXQMTw68wSHtCMNfrIcNjMuNJBaLvDm4lmwjg63ug_dOmidtnYmBjvTypTTBbeyU7-Vop5z56B_cBIr3NLCQ7uK5QwbzjD9AFBgZCNcdUzy4TI33XzMLarCciKSQ5CGD_xAAY_KTy1BKfvYt6TlDc0CW6RaqOBX67GO50cc5RGXxwBbkOQljfiVE_cxobWvDRJsU3o8P6OMlYIT9rwKDoaIxTKWwwNhU8vWgPki4lOIeYE9FTUVPQ6AkpHgqrkVZFMuG4hTgEyJCdcMI84Ku4uveTk-XXoost5j10bgYeYwju9Wr2yBcVzPbnyXJiccFiGhMTOGP1QDm9tD1WVQ48IoyofmOcyIm5xiBHie-sJmyV3jAx197iH3D2U4_hBnh7HLxGvFdNKhZ0bXKTsmRp-DGmsaisWw8B7QzrCEO1jgwqQGMSKZK3Z7ZoWDIht9hsfqiDMshBSQoQFhApcdKtO5CfdZ4qVWEzSQCddRmwtV-5YPDpair8B2krrvxk5eixlODHgCPjKE_9hHpCwUwSe-lzoT7SALhZqLEHRoIukzDFMVp-OvkxXnTqyDnQpbVTyIdqMXicX2E7fS311wxyBWehwuRCnXpCWHuc4vxIFletCx7tzb-o9cwiTvganrapX8Bsyv9X61RRbtU1kYBnx9m-M9nY4cj8O098wZsrh8MGbDlKTk-SfzSJtlZu4WCXgzSGSU7D2HCUSYixoyGnlj305ST5JJh6c7CoOD-xbheTfGgd3j-zTPA_S3sfJfWffg7e95Wlh6T-feEuf3N66YmOGWSz_QhyBOmzelu6KHkf1yTKVlW0hHhqY47Gl8hnYEyfTv362jpTG-ZysN42EmXtST3JUJSb2kzVxDAVj-zDANNmsVKGT3qu9lGXnYYSanOhgknB3m1--SDMoJI_T6Y0Bg_rpUIYQxx6fmIJ3HOybTeu2sK7ajByMttB8rnLcNjnLX6IG6wYHHWo0xnTYTLtISZuOVWWgD7G1USfTbH2s95aj_rHTTIy94v_8fCw0zNlqcsPJqFOPq42dVXOerUiDUe3E3oRPOnqrhiOC9dmobYyCk-65TGPfQGSvLNGDpSmFqslIzDuyGAx37VJWzuAwURVjPHvpvqVTTLiSgNQjIWiyb9aj-HWo2uvsbhKOn32_dzZ2f3wcs-CCNCWlJzKatFmULcBtSW2yY5cA-3R3UmRVUUcLnlD64Kt6GwGg0LeRnU_e3UaJZxpODdjW-qccKBio3iOjsLaSULwR1d4HLsa4gQ95_FSIAWoLUHfIUhuXhikPGTwVRv09tTXJzWPYWiIWt1R79qi2hVeRD_btP0KbHchBFNObx1GI3xjry3hXUlpOfFL4E_a-IS-heLQJYHZiAVVtDM3fHjxDc6GLLjkdeg9NzawkxS0xUp-M-nQrfvLX3BfuOocy9TJfLEVxhuZspwW3wZ_fWsHhOepgN51ffDxfnK-dETnIYlbXlRk3JAuc-7pWto9i4dPnXzzwHU4aJkXl2nh7RFB0KOK5X2A4nXxa57WVlQvsv-PCQvS0LAb5OvmXt8m80mLsj7l10_2gE8i6fbyKowf4yBYBok7NylN11m5TJq-jRHBhvt5k_dPIQJVcJlz4oX-ksWNQX2iQMT6M0Exq_NEKH0RqtXDgM0KUgUI5rPUeZhkfr4yNWXC7g8e0eTdwU-lJryce2uGI2opUdAPrGxJbOZJV4UnOQYJFSvIXyVf8_xXzm5R_ZWNwIkwKOdPHH5mwrffxAT5k1AKBggvadJcMsCB2IlNZvdz_KQS8-_W3QNCShHG_JC5otld3CGqte7C91AiMFOD5fRtoh_VTt3bcZNquYPf3nnK-mRbAcsgyLvWwZttgrdjZNW_TUGskGXv1NDsAXh9oVpKAyqp2GlBWV0ga6qOFSeYg6O2aQykEco9PDh37zpBPLHu4_LuP_IRJzZOeqQodQzGu2UkN1ytoHaKD4ByawI83N7Nl8WCYBxwMyjecOv1ySH48uOaw4q7ZzTHYHHjPEflcaikisjvPc7Qb3o_SA3o_COaiJcNafI32W30YpZkkzOCKSX991bWKPJPPcqqK6CtO2ehJWYPL2XaIR4r3_r8c40PWd876CWvxP92bvSqcnMpNSpkH4vw99z6pVactPfVpzIxFrCYPL4KuuAf9KViu2Iahf7UH4lEl4ldRmhrcK9ZpH-Blb78WrFbwvb4FphtNSvoscEvdid3srxqn-e-qxj3WfKe_kP6nBT2W4dQhKhr7dHLd69zZDYnMZdCLKYg0FRxKbvDhcg_Husi4EottyUGnHrYvzXRIDEVfEcJFWtvSLa7hTjESgIcwjgvcUTTC5HpsUZFy84go_AcDtV3gc948hbFptEJ91bHqVUUETIibVpe6Gyr6J5WTpLeKAAGwVkOV44y62RLpZgeeNY7N7iEIC6JuvqMcjRd6HZsj-wobgCZ3Z_qNW2RUsShkE2_EHpt72uaZ_8nwE79bAuJLl_nAZKU6IFd0XKWYSnPjyQa_dZlLZOiMjHD5uO7tfrkW-t1R8vhlEVenE6zrlpACj1OHgkl0UvHpmwWWQnbKg9orfttdvVpdFozGi9Ds4z2P1SrXAFraOirE0wRJp1ZkCfsJlbKBL02XFdcelYnEBVG4yCZfAgPY6T5Ya08vUCbftSmFd7hQWX_1IVIGOzOBS6mA&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 287F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwvG-lNCs0cxAjMxW946MLmfnzzUSvLUCOSLRfiuowQl1y2Kp2YDQiYrSL3agZ80TFxpIXpVza2JS3iUU14z7x-h92y9YDxQ5eRA-ywIEZzue1fcNqR42rIJjAs9epQOGx87vD5BhzftC2HEwBpJJR7aCsvQ4qKMOsKXh0KhHxWcWWUTmnZFHhzj0sBMoYe2oRUO-U6o_rUfAGkwS2MG9OQ99uQfYRf4ofWHTc4ysRgkJOCeosLDe6mFN3ix3SwuJ9tbtHI1pVkea9nU71LG8IPT4iyU6p6Njm96vlq34aPt1nCeBU__piDdpjW4BHW_AHtuwRy0zxQh-eORpANajynTggUNrMsASKWoqbxIz0zUel0NQuKtNoreFzkicnoYaOpS1cT13ch4Sgk0G7h6-WLtjrdVw2Vo41hLd01cebKQSCGiBxQ55BEBPJRPQCDETWSGvmSqYM01T4wMWROuMhjm5S8YM_FrRAoDu1mUoBbeZ0SlPoFBk8vnZExd5b6HoOFxPvVq6EjIs-kAR2n6a0XTciOVkpYUXaAmDmihbBEp5xSwg3oLo2dXD1-msJjJ1mWcIeHpwinc2J9O_VqQEQvFHELLuFD-OPeiZrb3lk2qor43e7ANWccZ4ux0jcc_gGw8YRNUCbD1kAkuIhIrMVM0Tw3TYmRwOGVNPlQMeSzt8ne-qWelU3DXCZr_MKJwqHFBCcZwKJEnOs-_AVqoq-Rvjdh6fdYJOszc-1cyFcuaq_B-6F5CnmwFC5lQWw8W0Ojt7N2cK9CUhKlHSSZT71tz94flLXg2QlAmaIxFa5NQVF_y2IRDo9GccfIm5GmUQz9UKu_ThYh7zoNGLXRysZwtsk5gv91iadAGkNkSsOMGrnZuYwL-aB3bV_8PnblZm1yB0VJGUrdykT7ByVnbg7IQVZBAWVY9HmkrIivRbtK4zbQsm61zpesSUYjr8w3MD72ggJ53Nl1muZuv6OFXHcx8lDG4KaRW5ucQJRtJ_t2shI0ZsAxfo0Z6FjuowEzJ0fQIESVlZcFsALe2IWTnAaiKawGomIlpqXvLWsb5tsBHm8Aj6EYGdKg-iGUW6fi6vQeaJZqnrfbIwtNeenRw8J7QP46qQ8FfinSlQWobELTB_eqhGQzeibJPqVBxonrlEwp51WCfXZ04wDqbm8AxQoL58e3AfUZbHPELoPAf-C00GfTWh7JvcOsCb_3bGes-qE_4qMHrIb2bbE1vWILr-DTTuqqHxbo6s&sai=AMfl-YSGb664wkPBTaAvIswHhGH2b8rzCOfcJJPQfSu8YonLfbloLcE2vqPdR039AlEu6jDkybhZauCIYAWID3Pne_JePAZ3UaeceKphZqLD46Nx9QlvEj3r7G4AAiM1jjSMj32UX02uqdrjyc5a1F6F-uYIB75SMcudYEn1pAkVHa9DZbQz-gZzmgG8ukc3Fup87IQ4YnLq18JXrTj2gHVSNNr3YkLuVnYTv-pK&sig=Cg0ArKJSzJWUMr1ffdHAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=308&dett=2&cstd=0&cisv=r20220907.29162&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DF6ySGVNIBNP7DEo_WVDvGQn9S3v4blcErIfH1oeGg7-AOWwTQFN-E1OR6rL63qQe4Ey8hW6xvG1BqsL1pyn15kPYoVdzNEukoA6E5ryFj4jUpYNqTSu58et8LjWd8h4qiy62bTBqxvMVgpe5U72kSOFeKBQ&dbm_d=AKAmf-DIq54AvyT4wznrNgvXUsTO9R9s0l9jR7_5BQJ1ZF25GV969FbOkfhVnvu4tqiZ3Tf59AmFbi2bttCQT4ZGlux1jyDmO3gJcDbfGpg50VQBfvD2uDmJAEl64YpO-1ALU57pEAuYnTYsoXJYmmtz39UBWEen-gOhVh3wTXwRi6iOff0E7CvG5V8Q-p_o6wgivl5pp549TvrXDytzjHxNjPBjhj2JIXwScMt2xF15RJAG-cCiidHDZQa5I5KN8mZvmI59vOV1goFvV4vexkGATCqg20i8rgahnRvNB-ym5gy4WDxbmZ_cNKjA1JSZjVR3pXeFEwdZKu4Lm5WDBRioE4I1ZICEwGTxahkAFoxjBw4y2j9U2cNe9-GqwIc7E920RW3r3HynNlqVBRnSZVzHUtSQqOJ5FE4FYE-VkkHtf3LNZEGCWM5jOJ9OjVdPCLcJuvwsGs0Cl7mL-sGlYq6BGMEPHuf38ZR0LkZt-xYGzGuujEXpSz6q8EqldTXFMtg_n1xnKAe_kWOIOkbXp-gUVE5pKM4oSbpIXHlwdxTQMXPfCrHeD5ShTObU6IWoUO5HE6qE9uemru7LcxzCMq_b30N6qGcsl-Me4FCXp69THVs4HELPTfsHhDZBCrdra3AsMZ13nzICUqNy6wkjE1vLLRdRYP2UdVJUfIoUqbnafvu5j59UXDBhgfZG0cOfeY6HxAOx__GFtg76bHAK_-xhTIle17arFKwtDOIi5U12PCU3fRjSfix-F42KrO0jyROFNyCRZIyIuJmSfesoonNYPBZNHxp06Ftyy0r4z90vJvW8jE6-AZE9F9-RedhaLN-0uZH855mxGkr0xzi-QYCrzlpW9WmXSNBLqL5N03vVCn-x_OjQktlfVVtHSVLALT_Yhc577fZ9MGnOlec9-7n5gnd9LC-5mFS77XFyQPYgmsgJLML6nYsXQevzTRprq1g_KNIYEXAcIkiWI1ZBigIzGTcEySN0IjLHuIn3VvFh_OrV04UqhVgjp_gJ25MQttaB4AQSt-ii73edm-Z0S60PXVtg_8goFRqEYwX6Jih4SzPpyIRaABzmQ3AmD0OdI76C2O29J6EdGdkMe1b-4mMdLZntNKsC3ghJqEdANbjbWAaGeCVYokcEqGYUfHqfJZrDC9ODQxiyA609q-xKZPmHVU0vprDdYh4m5cHq4LLWay_RbC5y20sv0Pq7FNyGNDqGyVBWBFmjVWlJlbMnJ96_MV0mJOeWR6hJccfE0pTyEBiQT9Q0vHHYQ4Qj4w8LzDJwNREhSwmjwZogKvyMPQ-d0tZkEsx4v-po9xzWFXVgrnxa8GbyUnA4R4oBXZcJngMnNyZfMFZGjNU5HmB7LDAJe9JF6WsaPRIE7JtRchYRC4XF_4NblwniY-vow6-WAhu2aHdm_X7Tv4EIsdNcuFfMX5R8mEsRr_jErhyDkWQkLKCICjBlgvYdI6pbaLDdFKQMUzo9A1lIOVZhYvY8QyXcXmjfL28TTSUt2GkSlUlLsEH8pYnQcc5m6cOAD768sIhLDNg4MBm3JJzXBhLhkEoeJXC6-8-XqrnIdeQRynx0mFa3ArajNIbbZgVBPmAbAzCqGHzGRgJG4ik6GIiuEnB78rd3tndjxIfk2fMNAAnwI2UDSJqJ67woXHR82iXDjkNn8iYI-hVWvjgrlhJs_8gS-9lXd7UpF_TwbzQwSevs8JaKQKRPpxC-ofMjlsyjm15Lb17PAP4LzhG-cHn3VpQwKdWNNnzVKWR2FDHDNKgxNFkuNCFKvEvnAhiucdyLl4mBuAWW4nwMgciZu9isWagliLejqVCkyFUp1L0GjZCsn7l49Y_IY45C1YsA4jZ3L0Q9IXjdPb6rim_kz-wMqijGUMzTPBO_rUFbPUztMIvEGBu6SpagOf2FokTmqhRPtIvRbzl6Wfr4GNGUM6H1PB_JybaCTn-BjtK958GvQ-ARMqVan7bCt1SF6P04u171eSkHUh9sUsYoeM4777Hq9-nXu_CCAt-KtKvchCaN6yMkB7MpcPM01hszVT36rbGLcC-BvH5_n-iKcknx5w9S1LeaNMUsVWZ2a-ySokyEgNV84iuxd-Ci5kISN-fBWlPcjxDIMXvbqNLONN1Ap-TckZ7kOENGhOnUyb_1hoRl2NDvvEcPWytsRzo1YCg9gMA55rbchHZpzGeWCXrBakpWTnuj2v-59NOskiWUWUFLHz6TbE3kg0YciiagvuyoXvMYXdVHUtFMLlqCdb3FgyW-DQ0DVbxKCuyijbhwPRVamck-ILwk1aadCvhFrwaZu6pvqWWOPA9NYmA5xZ2uCH-6YvKq07YnEDTrwE5809fBj8UycA3DrhaShTm4eaKfIfftpe6N20CLtXsL44mJ44BZ3KmLeM1as3S1GaDL1htGG6wuQOuat5GulOHChKeAznOP5h034No2_vRYsP8D8rPYAmI_cf0BEl7W6uONobPRYHH7mRRu1uy9pPOD2A8O6DSTaHhqgAoI3hiqizWCJJUiOf8HU6g33F4CZIghwOnLFiPLJAbNsaSGXGFh7tHs1DBgrg9yRsSw6_kFz5Lp6jrN-xW5wG-wjZ39_CQvHpHkBYg1iw9JLFOvtm1ovmzzNQMQSqH6jUBPnTzUgHdWClFZvsUK65PWjF2bu1ZPSSF-3hru6qW-nW0qSdkbpnkk6216x5L9GtZFZ7OgqrPFT2EVDxRP23ZZBdYWmqL90omBLYvrTWevxGMADVCAEDJzVokwdGZwkkSMV5pH-Wvme8g7ErHMzYXjtU62EiDwMo-2hUvJx5zgMHfnIhlmvs2B1ood5Lf4ckp0CvOkpm7sZnhpdnc5KuE00gFUB4bb7W_lyg82pax7WhPG8AhsC5-eD4VKmR-DnAMR6lnM7jLuBTwg95aWGeNPas5OqODgN8LvwoVf5DtoWP2jcNjAjERANysru607dD4H9qEYFq-A4qGups_bEu8zlZoWDtNryBxQTl1E7aZtr8cAeCgBOwTci7djF8-Nnf8EqUjosBSSLWhnS9vNQdV2uqeJLfmg69AkQ4bXQP3Yvvj-XAFrb-oDIbYilSjSVkPpLvWuU9gC9UCSvz_K36XjvFib_pxrwPobAWWRXt-i_yNOIZuox8og1Prxbth_BGMeiZWq4JrgWrOG8Ti02RgDM1q65-uMKiyJUYphAlAeCv8tmOUCYZ7e1cczS3V-Lw7pkGChJtoxwI8dbKZOG45ogVZ_zPQXOvknLxLhmMuGLKJVofkN6jlZphWND1d6T8rjTeSPz-PJcoT8F7yhBbeF6r6zADH7iu7wS6A2Wi3Dtssj8jqC_ddW3z7qUNjLXOruZ5iajFkpj1DLJ6it0VrNK8KXCSLpGJ-CufitXFyVGZu1zSaEA5HyFTd_hXdQVaj3Wi0RZWsFIKBXLZUmBFrCjVRyog&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame DF89 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3566163003ce26a4be0bc5465ea91442042c240b518d05ea2dae78ddd05b7332

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
dvtp_src.js
cdn.doubleverify.com/ Frame 2EFB 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:2a3::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e7733f5441f4d8f6857e1d4c98294a425b77368417c9d48370f47ce1def98633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 10:54:59 GMT
Server
Microsoft-IIS/10.0
ETag
"8043497071c3d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
index.html
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/ Frame 2082 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
330974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1926
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 14:20:39 GMT
expires
Fri, 08 Sep 2023 14:20:39 GMT
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2EFB 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHS-6PgkzEBKNynCqFavxIPlbJQm5pw1ZnqaOB1J-khSU-qKkzokcdESj5EpMcOT2yTfFWBgHjFD2UPrb-aCEYOZuyp13UWFDa71WOr7JGAcooo2Rd9jocRoOih4i8Tkl5iUzpQAOLPs8pV5sN0-LJ0pok-r6A2FFRjD3qYKi86m-1N7zaKjZSEgJNd5SWoyI5gio3M0rFA1uQVgMWg0tbxGPXz8D8ydFu-5QDRf68eXhSjGArbaM7KOoKvoUyKZ_FRFkbCgFGoCPdcGBXmsR5b_Kkzs_1zZLeNdAbQlPCLty2hhWdYSYsVe3M1ITxqauw2ezbvQLHUR1wfgcbR1p9XL-bo-lGz8f4uJwWzYyTQk5FZZURP1-QZv64J4h7RW1c8GH8XkiXhnKSs40n68Tfr8BM-03R5_v0YQ6TdlW9VZ-AVVXZ357HtXmiNm713kA6QzNnnY_KYfxkDsh7muYbNb4pu9cs-s2v3B9Tyk1SwHb8wwEabUtyxNcHQYye7c1oqxzfV4GgCejADt2y6qh2jX7vkY47S8WJVqPhQKa9Hzhg1iOBHnPZj_76k65OUA7em4fur3otgpYcngmKshlP6Z1KLGQV3UyvW-RTD1gFVBbsSyjFF-3sQ2sBPq6wJtrR8A7e6k6Bw7zDBFf272gvZLF5bdQQPLpeJ8avHGtbAU2zWmHB_vuPZaSet80qwfBsfOBByS4m3CRF46zL491-nOFmvI89p8JBouv6CSiV3vsuErmN3NTlCX-zcNCALNuxx5fIV8jKJJjyWIs5klLcjluGKotwlQ77fCNhttydjworkAt5pTdzsAkr2xUMmZSQejv17p39yzmAuAnUnJ2Dl_GBl76Kt6OEBaap_wLnw-rmHHNgFb3ybnzAnDKSbjjDFS8DbaJygupy8yHhJpAGasDizekYQwdNWmXsjNSzBYiJqh7udlplSCb9Qg6Ltu4uweOy1QZGO-0YmJmCSeZ89spkAYiYWIk-zxLZKoxWjLVA10rG5df9NQ8dm_e3RewJujM86_GgwpvOfLJrtT72R9KEnPSROa5DJjUt9NRNnAaTEKIcIIu6HtHhdf5P9_7XL32Y6HuNKVhNbz04UIh2JA84JFupYTFm5vh_4HQQBFyn7BerhbbD46O3cEW8cMGIiHTP-XbVdJ1nwlsrI0dsA4AokV3Cy4Oplc1RHlYbM_-Dmg-riZiiHvYHOTROmSeJQgWipun8EGZPCFhJnbiGrN_yFPCe&sai=AMfl-YRPkZgwNUiTfXW2fZJIS1pSrFiOnxIreJAPBXlRoUrzkkICp_RiQmqNazKr9DjAR1bL8FW6kuIy-2I_gLv1xvGzeGyIHr93Ypa33zevIXUACPNd59do2k8Tc42-CXqXlutdBB7OotULVh5uaFn5HQxjhHQqGINwKZXKc12U4WUX6a-GmtepTZHvy2qIBmH7ENr3qn34JCKCgja06rnWuMJ_ZEr61gidOo1-&sig=Cg0ArKJSzJIc6Qyz43x-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=436&cbvp=1&cstd=432&cisv=r20220907.96783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 10:16:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
4.js
static.adsafeprotected.com/ Frame 287F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1164679/65553624/4.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2190:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:07:55 GMT
content-encoding
gzip
age
497339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 06 Sep 2022 16:07:48 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
x-amz-version-id
EIole.IHkiDJxKVfO1S7cyRYWKsHRRtd
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
NtspRiuMhSHbXsV8HQBpwwu_UYSpH8yKrdU495LSSlGoHoNIHClMog==

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 9020 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 09:09:25 GMT
content-encoding
gzip
age
5015249
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
BkvPZJJxLubH6cN-yb9TBy7tSZ-w7vwUqdtxGlIwhbIIpDBZ1YF4Hw==
4.js
static.adsafeprotected.com/ Frame E516
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1164679/65554027/4.js?ias_dspID=3&ias_campId=1008867619&ias_pubId=pub-4627517680249670&ias_chanId=1&ias_placementId=18154214868&bidurl=https://www.123greetings...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2190:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:07:55 GMT
content-encoding
gzip
age
497339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 06 Sep 2022 16:07:48 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
x-amz-version-id
EIole.IHkiDJxKVfO1S7cyRYWKsHRRtd
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
LPiYvgv_hrmfpl5kXtOXS_fqVRHQci8DkoLbNVoyKTLtD4U4TKsXSA==

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:53 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8A88 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 09:09:25 GMT
content-encoding
gzip
age
5015249
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
ktsPxxBveRDrUiBKKMPxjQqCmZ8GCQ0Gpa5HvotDii1Gm73lIQO03w==
geoip
avm.avantisvideo.com/api/v1/ Frame 67D9 		216 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:54 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
Ti1OVr33qH2G91hBc-PofpU81CdfmP9bxW-CN21qiSjQndp2DRibSA==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:54 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
J2Fi5XEN964yeNzWZNeU9i5bmwXm9cqhD9ec7DaGO1JJle6eN8Buiw==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame D968 		216 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:54 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
JjNk5gUjQyde4zD1X8NwlFQ0CX3_wNDf1DB_krd0TKgIevhnn0Z1fw==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:54 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
bmygVu-ZlUsoDqKR5hTcSD_O6KR4pfgQ4w7VsvW9p8UXuRQI_QcO9Q==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
j-4050628-2863405.js
cdn.flashtalking.com/xre/405/4050628/2863405/js/ Frame E516 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/405/4050628/2863405/js/j-4050628-2863405.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/?ft_custom=345230444&imageType=gif&ftDestID=25103801&ft_width=1&ft_height=1&click=&ftOBA=0&ftExpTrack=&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_section=28516514_345230444_536926641_177789621&ft_custom=345230444&cachebuster=1337203844
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
dd238ee1db2bfaaf8a12c99fd8fe6e367fc0f6ae287aa2005e44739dd6017b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:54 GMT
Content-Encoding
gzip
x-amz-request-id
23AC6AP2B30YCBWP
X-HW
1662977814.dop235.fr8.t,1662977814.cds217.fr8.shn,1662977814.cds217.fr8.c
Connection
Keep-Alive
Content-Length
12870
x-amz-id-2
YeU5mobBUSWLCnzE2jWgmuikvZIiM1/sLsVBnLp51suUZgEPTpStaW67lOYsFTm87eJTvZD3+9k=
Last-Modified
Mon, 02 Nov 2020 14:42:43 GMT
ETag
W/"491f44a318485e2cb417362931136c0c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=215
Accept-Ranges
bytes
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2EFB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 307E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
267957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2EFB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff2ad68b18a268299e48391685216e5821015f8dc5793241459d6690d2d7d13a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E516 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
568183577979fea34c0c2b7ff52dd8d213946d7801f43885bcaf0bded65b8183

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 454F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4022718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWUnRo0Occi83cliagjQZ%2FMGk0LnNu2gSauYY1k5%2Bvtmo4tsUZ%2F82vIifYNmIz76Bp9qvqTYxjUtKOZkIzVyvhdhaw4uBOVfY3mqGt3ViTmMybiKMrzNmOKfYrdtztYu%2F2smhMph3IysH6E3j5atBE4L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7497e3e9ca4f5c7a-FRA
expires
Sat, 02 Sep 2023 10:16:54 GMT
animejs.js
static.criteo.net/animejs/ Frame 454F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:54 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 454F 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:54 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 454F 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:54 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=356&s=caXWMbg5JthwR_cYSZp_ySLu
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29434788
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24954
expires
Sat, 19 Aug 2023 02:36:42 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fceb6cb8c-0dda-4d5e-ac60-602012151b7d_dbf4ff10-dd66-4679-9932-9508bb7b0a67.jpg&v=3&w=400&s=JJkVD9qeqUrDeDqc59Ljxn4O&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9641ee4f4adab352ccea224ab444ff75d3715cf6a82d4e772473aa3c1dfa79a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27640
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
31690
expires
Mon, 12 Sep 2022 17:57:35 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fe08fb4d4-8227-4925-b9f3-29fcf2a1611b_7e774200-1214-4b84-b9a0-81718917fddd.jpg&v=3&w=400&s=JdN2yvRTlg4UpDBKhU98oC3W&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
17a34915ad056934b3712bad2375ed08be40571457a1818652ba2d8ed10a27d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=288728
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19698
expires
Thu, 15 Sep 2022 18:29:02 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F01ca5a7b-8cc5-43d2-8421-012e2bcb8287_d6b536ea-1632-4728-acf9-3526800cde75.jpg&v=3&w=400&s=IbRD5iWWDa2IyBaTx2Zo0bty&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
187e8603c927f07dce64f548ad17d8cc5b861c021ed61b8f3d7c8905e34e8f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=43761
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23710
expires
Mon, 12 Sep 2022 22:26:15 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F1827b675-afcc-4b5f-adbc-64f0df94e10d_3e6bfed0-4907-47f2-a2ff-13325469097f.jpg&v=3&w=400&s=ZpwoC9dgboYJGlt5XwloLXjv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
328bf775da286fe8a88c774da6c3b8732c52559aa4e84e6179bb889fc26f5801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=772738
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21888
expires
Wed, 21 Sep 2022 08:55:52 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2a3ce06e-0f5c-4af7-8175-830f434cd465_391e25a7-6936-4b3a-8efc-b81df1f82d60.jpg&v=3&w=400&s=vDiG1mZggTZc7wybSEsG7sM2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
92aae9489d71f1aedc56759a22c8e6e169c913c5024701b3f663acb4c628cae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=548189
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23272
expires
Sun, 18 Sep 2022 18:33:24 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F79f2f770-2175-4273-8173-e893cc475633_d4470b77-d26d-45f5-9ad6-7339d47d7f54.jpg&v=3&w=400&s=71Lx7QSFfWArgLFqZF02fzQQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d6d2ec8d513e981bed8cb34ec19887699fde42c9bb2828afa1886ec32afc912b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=359750
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14294
expires
Fri, 16 Sep 2022 14:12:45 GMT
img
pix.eu.criteo.net/img/ Frame 454F 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F6a0067bf4afe49a0a7c182dac5a60db1_img_square_1.png&v=3&w=1200&s=pR8ZtDt1Zxe8bghy7DRRBytX
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30117103
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
136144
expires
Sun, 27 Aug 2023 00:08:37 GMT
all
csm.eu.criteo.net/ Frame 454F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Hsm37p4qTrAtEcrD361Jb0eqx5TCzFZ-EVPMjf1RZVprneEdTRXMdMH3rA3uZY6P1mOWHgDCwXMyqpqrAC06M5yeLp_87ctdhVC80TwixmxnX1v6T33QyHHW4QUTH6ZFOdDDoa-t_Mi-bhITnNgdVSqPIa3m3KtmTFzkPT76GgPp3Iosdyqn2TdIsfe0lEL2L3uN8PJ9bmamevhjL_dQg9Z80lM2x7MpdRVbXtAtqQ-63Q8wlSBV0lWr2flJyq1nz3amoA&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 10:16:53 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 454F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 454F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 10:16:54 GMT
j-4050628-2863405.js
cdn.flashtalking.com/xre/405/4050628/2863405/js/ Frame 287F 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/405/4050628/2863405/js/j-4050628-2863405.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/113675;4050628;201;jsappend;Disney;DisneyPlusAdobeTracking/?ft_custom=345238439&imageType=gif&ftDestID=25103801&ft_width=1&ft_height=1&click=&ftOBA=0&ftExpTrack=&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_section=28516514_345238439_537160483_177792315&ft_custom=345238439&cachebuster=613240747
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
dd238ee1db2bfaaf8a12c99fd8fe6e367fc0f6ae287aa2005e44739dd6017b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:54 GMT
Content-Encoding
gzip
x-amz-request-id
23AC6AP2B30YCBWP
X-HW
1662977814.dop235.fr8.t,1662977814.cds217.fr8.shn,1662977814.cds217.fr8.c
Connection
Keep-Alive
Content-Length
12870
x-amz-id-2
YeU5mobBUSWLCnzE2jWgmuikvZIiM1/sLsVBnLp51suUZgEPTpStaW67lOYsFTm87eJTvZD3+9k=
Last-Modified
Mon, 02 Nov 2020 14:42:43 GMT
ETag
W/"491f44a318485e2cb417362931136c0c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=215
Accept-Ranges
bytes
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 028D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
267957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 287F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbaabee6de205abba11831b556339ba77d47c6eeafd6baf7f74157f129beb8d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGOay,pingTime:-2,time:551,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1100,beZ:1103,mfA:1105,cmA:1106,inA:1107,inZ:1111,prA:1111,prZ:1123,si:1130,poA:1132,poZ:1163,cmZ:1163,mfZ:1163,loA:1547,loZ:1551,ltA:1650,ltZ:1650%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:551,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B543~1%5D,as:%5B543~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c.1164679-65554027%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:518,readyFired:false%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2082 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Sep 2022 10:16:54 GMT
script.js
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/ Frame 2082 		2 KB
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:20:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
752
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:20:40 GMT
dt
dt.adsafeprotected.com/ Frame E516 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGOaC,pingTime:-2,time:488,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1174,beZ:1175,mfA:1177,cmA:1179,inA:1179,inZ:1185,prA:1185,prZ:1197,si:1208,poA:1210,poZ:1246,cmZ:1246,mfZ:1246,loA:1575,loZ:1578,ltA:1661,ltZ:1661%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:100,vs:i,t:454%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:488,o:0,n:454,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B446~1%5D,as:%5B446~300.250%5D%7D%7D,%7Bsl:i,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d.1164679-65553624%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:451,readyFired:true%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/ Frame 99C2 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99172bdb6e1246a0e9448540c3de7c5db0b557ea4c834773cd3b2cce9e4100a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
434483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3854
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 09:35:31 GMT
expires
Thu, 07 Sep 2023 09:35:31 GMT
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 96EC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:58:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2FE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=592777021610199&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
dv-measurements3057.js
cdn.doubleverify.com/ Frame C2FF 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3057.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:2a3::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8b114c831ae69d3a621cb21ace849cd52768e93fd4c5007a819d20432f0df284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 08:49:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0ed58da5fc3d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106968
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5354 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
267957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
demconf.jpg
dpm.demdex.net/ Frame 287F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53686D6C863A8D?816078193
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=53686D6C863A8D
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=53686D6C863A8D
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.51.99.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-99-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v039-0677ee667.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UKL6AB3HQi4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v039-0065a1e97.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
MEt5E76FQnA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=53686D6C863A8D
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
2863405.gif
cdn.flashtalking.com/xre/405/4050628/2863405/image/ Frame 287F 		800 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/xre/405/4050628/2863405/image/2863405.gif?486245630
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c0b8094944f7cc42d19b3fb4e316b943957074ff75de02cf8519898d25a21bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:54 GMT
Content-Encoding
gzip
x-amz-request-id
7Y0MFN4X9P5W6GFT
X-HW
1662977814.dop235.fr8.t,1662977814.cds217.fr8.shn,1662977814.cds217.fr8.c
Connection
Keep-Alive
Content-Length
56
x-amz-id-2
XCSFpT/1Hx0OjkXXriaEjSsw+wlNDE43zft7hdHLPIeN9OELyO72cjPE4+jhKNWBInhiYaByxRo=
Last-Modified
Mon, 04 Nov 2019 20:32:43 GMT
ETag
W/"c0daebcbb86b55ac3f3fb3b47781eb75"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=705
Accept-Ranges
bytes
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 914B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 99C2 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:52:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99C2 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:52:24 GMT
e6f40d138158e41bbc4290d1d8f9ae48.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/ Frame 99C2 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/e6f40d138158e41bbc4290d1d8f9ae48.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
356261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22268
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Thu, 08 Sep 2022 07:19:13 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Sep 2023 07:19:13 GMT
demconf.jpg
dpm.demdex.net/ Frame E516
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5368D1B8E8AF98?159660913
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=5368D1B8E8AF98
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=5368D1B8E8AF98
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.51.99.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-99-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v039-071645afa.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cH014ttTQOM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v039-057567d84.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3vXzDmwvTN4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=5368D1B8E8AF98
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
2863405.gif
cdn.flashtalking.com/xre/405/4050628/2863405/image/ Frame E516 		800 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/xre/405/4050628/2863405/image/2863405.gif?356883289
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c0b8094944f7cc42d19b3fb4e316b943957074ff75de02cf8519898d25a21bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:54 GMT
Content-Encoding
gzip
x-amz-request-id
7Y0MFN4X9P5W6GFT
X-HW
1662977814.dop235.fr8.t,1662977814.cds217.fr8.shn,1662977814.cds217.fr8.c
Connection
Keep-Alive
Content-Length
56
x-amz-id-2
XCSFpT/1Hx0OjkXXriaEjSsw+wlNDE43zft7hdHLPIeN9OELyO72cjPE4+jhKNWBInhiYaByxRo=
Last-Modified
Mon, 04 Nov 2019 20:32:43 GMT
ETag
W/"c0daebcbb86b55ac3f3fb3b47781eb75"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=705
Accept-Ranges
bytes
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 307E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B5BA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7mC9xFdZ3yvqci9exfR0RUkY3XV2PG3HmTFxsloXg2EFWciZ__-xltlaC8CcKUaT7N0m1bG0s769UZuJdCoGLpgSesRQyNm3zkME-dBIp6Z8Pr2rlauhlV_UOS1GCZLHS92pUPwIf4IW9mRLxMvZLU5hWSsIcfcRQiEZHGcdAmUZ4M-qfKVh_2QChabXbRd1JxGeNsJ1S4XYO2cqUJLrSXPpsgHX5xNzv5wWKRCdPjai9L3tnhpfw0_U0aG-XwoOGVDp01Wi4vN4ly57_UTBJVhK2Sdb8QglIZJb_xk3sw7hfFdDcCmoyMTDPF-S0iNWGlq2HAT8GkuXVEwsgdbtMNZQ28fQdhNw8X6qgr_gkJeTC2FqqDtiD_v8&sai=AMfl-YRWCW4NyvT21f7kP-Mn3HrOUtEUBSk9uh6fvNtdJ-qKgUzN4UFAlSj17MwbnQFK4Cvx8zGVtbeL8Pkw3qV4hEsCDlNdlTd5LXi4xKLU3l9m5kFvn8n5zSUWF--bqoV50Ss&sig=Cg0ArKJSzLWV_nhfRfrEEAE&id=lidar2&mcvt=1050&p=1172,635,1173,636&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4230775942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662977812730&rpt=611&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 96EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 10:04:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96EC 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2EFB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHS-6PgkzEBKNynCqFavxIPlbJQm5pw1ZnqaOB1J-khSU-qKkzokcdESj5EpMcOT2yTfFWBgHjFD2UPrb-aCEYOZuyp13UWFDa71WOr7JGAcooo2Rd9jocRoOih4i8Tkl5iUzpQAOLPs8pV5sN0-LJ0pok-r6A2FFRjD3qYKi86m-1N7zaKjZSEgJNd5SWoyI5gio3M0rFA1uQVgMWg0tbxGPXz8D8ydFu-5QDRf68eXhSjGArbaM7KOoKvoUyKZ_FRFkbCgFGoCPdcGBXmsR5b_Kkzs_1zZLeNdAbQlPCLty2hhWdYSYsVe3M1ITxqauw2ezbvQLHUR1wfgcbR1p9XL-bo-lGz8f4uJwWzYyTQk5FZZURP1-QZv64J4h7RW1c8GH8XkiXhnKSs40n68Tfr8BM-03R5_v0YQ6TdlW9VZ-AVVXZ357HtXmiNm713kA6QzNnnY_KYfxkDsh7muYbNb4pu9cs-s2v3B9Tyk1SwHb8wwEabUtyxNcHQYye7c1oqxzfV4GgCejADt2y6qh2jX7vkY47S8WJVqPhQKa9Hzhg1iOBHnPZj_76k65OUA7em4fur3otgpYcngmKshlP6Z1KLGQV3UyvW-RTD1gFVBbsSyjFF-3sQ2sBPq6wJtrR8A7e6k6Bw7zDBFf272gvZLF5bdQQPLpeJ8avHGtbAU2zWmHB_vuPZaSet80qwfBsfOBByS4m3CRF46zL491-nOFmvI89p8JBouv6CSiV3vsuErmN3NTlCX-zcNCALNuxx5fIV8jKJJjyWIs5klLcjluGKotwlQ77fCNhttydjworkAt5pTdzsAkr2xUMmZSQejv17p39yzmAuAnUnJ2Dl_GBl76Kt6OEBaap_wLnw-rmHHNgFb3ybnzAnDKSbjjDFS8DbaJygupy8yHhJpAGasDizekYQwdNWmXsjNSzBYiJqh7udlplSCb9Qg6Ltu4uweOy1QZGO-0YmJmCSeZ89spkAYiYWIk-zxLZKoxWjLVA10rG5df9NQ8dm_e3RewJujM86_GgwpvOfLJrtT72R9KEnPSROa5DJjUt9NRNnAaTEKIcIIu6HtHhdf5P9_7XL32Y6HuNKVhNbz04UIh2JA84JFupYTFm5vh_4HQQBFyn7BerhbbD46O3cEW8cMGIiHTP-XbVdJ1nwlsrI0dsA4AokV3Cy4Oplc1RHlYbM_-Dmg-riZiiHvYHOTROmSeJQgWipun8EGZPCFhJnbiGrN_yFPCe&sai=AMfl-YRPkZgwNUiTfXW2fZJIS1pSrFiOnxIreJAPBXlRoUrzkkICp_RiQmqNazKr9DjAR1bL8FW6kuIy-2I_gLv1xvGzeGyIHr93Ypa33zevIXUACPNd59do2k8Tc42-CXqXlutdBB7OotULVh5uaFn5HQxjhHQqGINwKZXKc12U4WUX6a-GmtepTZHvy2qIBmH7ENr3qn34JCKCgja06rnWuMJ_ZEr61gidOo1-&sig=Cg0ArKJSzJIc6Qyz43x-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1243&vt=11&dtpt=807&dett=3&cstd=432&cisv=r20220907.96783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/harvest_moon_festival/?utm_source=esep_harvestmoonfest_remail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame C4F8 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 10:35:56 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
age
85259
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
YMu_BVNrlM3_c-64FbAD72n8eWwY6-mlnSMH3GNwSpquahhZUsT6Dg==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame C4F8 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
34300
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 00:45:17 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
FLa5q13YrwNLRisBV7bv18CjP8VGYBrKVura--l6GL1qmHxO670ctQ==
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame B5BA 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 10:35:56 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
age
85259
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
6QzJtYB1vdWkVm0qmMlRbVMi-c772dHMWp5IakmVGdlIUlx0rasMJg==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame B5BA 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
34300
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 00:45:17 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
GqlCPxy405Q3BHOZ-WD_ZV_3bfRJ_0hRpSgGtfDfG6y8Vnbtp3YRjA==
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 028D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
visit.js
tps.doubleverify.com/ Frame C2FF 		724 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=205&ttfrms=45&brid=3&brver=105.0.5195.102&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%60ab8C66E%3A%3F8D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%60ab8C66E%3A%3F8D%5D4%40%3ETar9EEADTbpTauTauc2c7ce7f276_b6egdeacc_fbf5d_%6054g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1098&ddur=118&uid=1662977814561430&jsCallback=dvCallback_1662977814561798&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3057&tgjsver=3057&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=21&brh=2&sdf=2&dvp_epl=235&noc=4&nav_pltfrm=Win32&ctx=26387868&cmp=28464866&sid=5952739&plc=344880547&crt=176944100&btreg=536260203&btadsrv=doubleclick&adsrv=1&advid=9758366&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=3562508833.6554465&dvp_tukv=1443721622051.564&dvp_uuid=9289967872.05519&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1373129269576
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3057.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
cc03fc22288f7bf01c0e91b022b863e5a89267d259d6a31c046c86af16eb46b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:55 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
close
Expires
09/11/2022 10:16:55
txt1@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt1@2x.png
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:11 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2563
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:11 GMT
logo.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo.svg
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330975
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:20:39 GMT
bg1@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg1@2x.jpg
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:11 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33919
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:11 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 5354 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
css
fonts.googleapis.com/ Frame 99C2 		2 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/e6f40d138158e41bbc4290d1d8f9ae48.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:22:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 10:16:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 10:16:54 GMT
cdb495ae4186570d42a72d18874d91f3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/ Frame 99C2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/cdb495ae4186570d42a72d18874d91f3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec40f70302c534c17d322755537bf5be0e751fc873539d26975a38f638222662
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
463183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 07 Sep 2022 01:37:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Sep 2023 01:37:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 96EC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:52:05 GMT
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGOks,pingTime:-10,time:1165,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662977814875%7C%7C449e6a1a361d1cf23cbebda3033f771f%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C8ef3e061ee0715818611f7715a986fed%7C%7Cba8238ba72aacaa8288be8606e996131%7C%7C13c599b2876dd7e839f1b9a6fd4ef050%7C%7C4e3d0dbbcd0355250f7f6ffc993b1210%7C%7C44f02e9a2165057f89719686b1a42ff6%7C%7C1629390669%7D
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 99C2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options
nosniff
age
103634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 05:29:41 GMT
37a68e888db09090f270ed55ce28149a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/ Frame 99C2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/37a68e888db09090f270ed55ce28149a.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eabe44fb6e4e31873481ad2d244c7061be5ce3342ba56268cee5a580fe4294a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
463182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16654
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 07 Sep 2022 01:37:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Sep 2023 01:37:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E516 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYLSpCFNVLfclpZxcnEgU8xCy01to9HOe4xoFD4vRYDLnrvFsVTylsTbXdj6qF6dIVE3Ij88lUYpGudBvJWRAx8eKZkl3k-qw_azszdqQBvh7NvdCxZ3ZR6mHBj4M-y-eILvQf_4s&sai=AMfl-YTdfK452FtULisrGj5LfKS6gjOGn9s-lUXmiXesk1-u7u0jRRjxIC-5oeactpCb_SwBJXSCs8Z98uerF3sBcwSAL7DZ_TXOEdI3WtWqPx6H41II-PuUPhdoPSvBWYrT&sig=Cg0ArKJSzD3qCezTY433EAE&cid=CAASKORo4Wl0x0teeTHvViWwK1aoguFBTIsp7u8b5mK1xIzWLCQXjq1qg98&id=lidar2&mcvt=1014&p=236,970,488,1270&mtos=462,1014,1014,1014,1014&tos=462,552,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1127719608&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662977812604&rpt=1373&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EFB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJduUsLkhDdCFhcJUxUzGDXh8CGwKwXA-9094N6JkrXrwC6pzmKCoeuawYS5AqBA44XjUdH-C_gSAlkcJYZq5XpJvOxnLXGg6-eehgb_bWHFOOGP_IIolLSi37pgaYDxAdLikJXj0&sai=AMfl-YSyNk8lLudIyaNDWf2lbmd_PHsRZzgkArdxPuhIclt7AbWKO6jLjuHeD5wRAmqe94rjfTXx0B7MHXAbMKH5JAoV7JYjvwynONMOtgayR4dXmxHTwdEFzsz1-5T-Idqx&sig=Cg0ArKJSzBYbkKwvtCo9EAE&cid=CAASKORoljeyp5hnWohR30xPlEDSaAfcvcuCceHkjyvc68YSW3HMmUAr4LI&id=lidar2&mcvt=1016&p=47,560,137,1288&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3914305483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662977812596&rpt=1353&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 96EC 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMep3I6Dj_oCFdXs7QodtyoFLg&gqi=FQcfY8mKG8SLtwemu4iQCA&layout=/sadbundle/%24csp%253Der3%24/14081140813452513368/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 914B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YzmZdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
geoip
avm.avantisvideo.com/api/v1/ Frame C4F8 		216 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
j3hDVd43VmxMjNa-wkER6v-aFfwnUSDwyozMyfeHt9SlFjPiPrDsxg==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
SO6T_b--FWgbl42DuySqK68g0n5sDHH9XnlBKgbrKj_NCvCsqqErGA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame B5BA 		216 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
sPE1AFEcjExQ2pRrdWXF5oV95LIzsHVB1jwfkJinsaruRP5p9nvNJA==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
e25FrHnq5Rj5ZZYNKsbrzx7KoZslDfxCoYS50q_ZdvjxSKxgzPKRQw==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ Frame C4F8 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame C4F8 		216 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
OHAykzx-YJKIeQk1pMPPwGJLoXy3m0jToS8w6fCAcEqcrqQb_H-3sw==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
7BP20HRL7auxaV1picckjMjUYvR5c5-MYK2GKd9huhDNVEwKaJUPBg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ Frame B5BA 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame B5BA 		216 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
216
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
N2tDf5BijO_OTGgmaL34wgzKqGth_hSWd1LNTiVLjd5vk00M8-SWVg==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
fYCOJeZ4-AKAY2m0cWm-4osu0fA5kGdhEeFGQJxIuHBUfQ1lFaFuUA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame E516 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGOrf,pingTime:1,time:1519,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:100,vs:i,t:454%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1519,o:0,n:454,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B446~1%5D,as:%5B446~300.250%5D%7D%7D,%7Bsl:i,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1065~100%5D,as:%5B1065~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d.1164679-65553624%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame E516 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGOrg,pingTime:1,time:1520,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:100,vs:i,t:454%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1520,o:0,n:454,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B446~1%5D,as:%5B446~300.250%5D%7D%7D,%7Bsl:i,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1066~100%5D,as:%5B1066~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d.1164679-65553624%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
events1.avantisvideo.com/ Frame C4F8 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
truncated
/ Frame 96EC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1374442b7de3587c311825d013e98dac7c4980b1f6d13ff3830c1825f453b151

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 20F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6WJbhWFGpuuLepLIhyNDqrNpgdIes9rEfX1FONdqQtYXuWsIjeYoabMxglXFNqP4T9Lp4Hm_piMvVf0dirNsGYMc2Q_mlbcXzi7-VtXnLonhjajuSvPh1q7uaRmHEj0rrOTD7qblvNR88lMc1KMu_5D-PYT-L7I-u14dSmqcXxpAgUClPXFBYG1PV7uDVh9lcDbH-KHEe8IkREkJ4p7JF9n7pQ-9n_0OLYA-fsjSOhb2WE23DDW1lvmxATFpZ58CoTKYijQIZcNr34L-_6l_o_hSoEsjUEKLkC6q2QxQZ_9btT8GBNdIRFNYLpJNQq06vMUnsnjPIcl2XZFX5eIcN44dhum5lI2AUUeAPQw&sai=AMfl-YS5sLxcUyST4r7HUe1juyp8wDGu9vVIGyjZGPShQlUpJvX6dUJ7MILZsmc-_5c8R0K2aaG0IxhhtiJbRgbQ4WIA3e0ouWnQy3tW3fD8pg5MEEgSRYk6CS0QEkaY1iXiu_g&sig=Cg0ArKJSzHvTZcHXyArWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 10:16:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 20F4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c5631ab425355e7dfe4c122810d96d2283b854c5281d5e019bce698f4d24171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 10:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11118
x-xss-protection
0
/
events1.avantisvideo.com/ Frame B5BA 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 287F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyeaVAqDG8NoHSvHpY95M4ZXsf3mGrgRqYBY-iGFlysIYaHDuInbjVd9QKCsCASFGjkDbgxKjJ7xddttHbKCrov1lcNaQO9hgy46tVbaBfSYnhLBcGyHRtkrbytFdTvRJBQYQkrNo&sai=AMfl-YRbE1FaRHfbLVJTB2NRRrYlR-GHegOQDzQcevdENYbO0DkaHjs2BFiJMaOQb6Aqpf7uVd8TnDhdnCYM8DJonNb2U16ANOMttNWu1EEsczvRK_oy4IId7CPKnre1xY9E&sig=Cg0ArKJSzFv9ovTKQVzTEAE&cid=CAASKORoTknpdAIvLrIHksxBDF8VnPdV0x8oNuR1-QNjvpK4uWETxKdPdWU&id=lidar2&mcvt=1078&p=518,970,770,1270&mtos=215,1078,1078,1078,1078&tos=215,863,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4293624944&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662977812611&rpt=1601&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGOsi,pingTime:1,time:1651,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1651,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B573~1%5D,as:%5B573~300.250%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c.1164679-65554027%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGOsj,pingTime:1,time:1652,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1652,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B573~1%5D,as:%5B573~300.250%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1070~100%5D,as:%5B1070~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c.1164679-65554027%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 99C2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 20F4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 10:16:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 307E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQPEEFAcfY9fPO4yq3gPE7rWYCAAAAAA4AeAEAg&bg=!_f6l_rrNAAZTikH4c4o7ACkAdvg8Wvr7KiVXEth524_e0MACn688sY38EvvzB_Gy9fXcIcyEJ93ohwIAAAIGUgAAAANoAQeZAxvBSAk855AjYC9vGvINK0mVwBtsuhKG_rKLXuidzjFVK43DrcyV6bYMVFTedGITUtrwfCLLfb_rtzfU3HI457-7kEpU0NUYO_5l4an55TClNJz675ekuIUmnC4t_qFRjs4ACgPi7gOcRTN-YBoyt7meVReG6Eb4c8ogXmCO7SBgVPesoxT_VUj6uIL-0JWK5BpoebjH93FuwQph9TDIQJR_Ls5JqgP1hGzDaElsXoAwLBLCnUOJQIOvWP16JCAc9ThO9KIzwwtg0ztYMVahqmWVFclNjoDPzHaDYN4upOKOaQOR7fZmtzIf46E2mQjjIEsFCUmPAWH3TVShMg8yNu3asjR3bwRHlLPsRthVxY6d-ZWGTFVFzXsZ5Y8YTmfFfgN2f6YGvKzB7TugpIf4au1OSW9ckxPfps3lbh25iSxo3MaC9mO7R1h242ep8SkbaIKG1WKioFCP-0TmcpU2UbZXoPtVSe3RvhUfGCaeXpRcqrwKJtUsj1G2l8GWc9XbrAzWqJwTvOeiBmkMdWo9R924p_9B2Bu2B9gxKNP_UKJG6MvnglAYFDhYW8K39w0MXRdlVXjHVJ_GNE-nXBtnTig4ERTy2qMESpnceSDq5abk6C2pVYoSwqsdIj3nyHN6fMbnCNE6CjtfbfgHpRcGonPy133ITnXdK7j2ejCDIY8YKapu4srCyG3MlLPate9YjfWhBD0d8SWU_8Kp9LWMSTpqZY8U8CN6B9U2tTzsaiSjDUUXefC-cfRNNfXakJCXYqyHqQaMTE-o201mmZZnpcT1C2_EHT6yUZIRss1ZT_c1aFvBZXSgFQ0o90DlW4PcKjNPiRbaUYGRrTlBSgBe0E2ZV6J9CfpVAL7yvro6KzHHnp81pVZSyE7VfmoYgdB3fQ0r0nuUpMwAWFttF9Nbc7lN5WfmXQDtbnvbLH9oolhcK89ff_yxec37jMEMkDYOPBnNA0jqZz1vXCcKVCz5yKR2cT7pvQU_Qk_U9hCiMRlON6oAyj5VVolcjvsXh5cf17DCH-qGXnJkeAN5XtnePMIHsl8ZMoJvYpOdGbo
Requested by
Host: 4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/ Frame 2082 		1 KB
447 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:20:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:20:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B1C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 09:32:53 GMT
expires
Tue, 12 Sep 2023 09:32:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 626C 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bbfc0ac2b100afdae0b8fa5f236018f135f2e8db69c776b55554baeedb471bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xl_AOafAWSclv8KGKqS0tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-xl_AOafAWSclv8KGKqS0tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:16:55 GMT
expires
Mon, 12 Sep 2022 10:16:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
txt2@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt2@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2605
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:12 GMT
txt3@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/txt3@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2903
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:12 GMT
disclaimer@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/disclaimer@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1713
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:12 GMT
logo2.svg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:20:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:20:41 GMT
bg2@2x.jpg
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/bg2@2x.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32877
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:12 GMT
legals@2x.png
s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/ Frame 2082 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/img/legals@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12938761469355988853/46-IWE-BrandCampaign-Leaderboard-728x90-Brand/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:17:12 GMT
x-content-type-options
nosniff
age
331183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6340
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 15:58:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 14:17:12 GMT
video-loader2-cr.js
cdn.avantisvideo.com/js/ 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 10:35:56 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
age
85260
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
HTIQIHmwM_O5u0Q1qbcrxXSBj6n6ODL3pXVWBGrgtKBnWanS_PEZXw==
dt
dt.adsafeprotected.com/ Frame E516 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGOx7,pingTime:-10,time:1883,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662977814875%7C%7C449e6a1a361d1cf23cbebda3033f771f%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C8ef3e061ee0715818611f7715a986fed%7C%7Cba8238ba72aacaa8288be8606e996131%7C%7C13c599b2876dd7e839f1b9a6fd4ef050%7C%7C4e3d0dbbcd0355250f7f6ffc993b1210%7C%7C44f02e9a2165057f89719686b1a42ff6%7C%7C1629390669,sca:%7Bspg:a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 626C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=746443317389060&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=esep_harvestmoonfest_remail&browser=chrome&utm=esep_harvestmoonfest_remail&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&eu=true&country=DE&hour=10&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
2771
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
TM8pihytNi6PQXQ3G0ylqlhcGBWnwyF8FV9bumLhxCbuMOuGbcqxkA==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=esep_harvestmoonfest_remail&browser=chrome&utm=esep_harvestmoonfest_remail&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&eu=true&country=DE&hour=10&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 12 Sep 2022 10:16:55 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
qK8dQaL9LYDK81JgebDoebwLAPqVL5EhRNAC53RgtwOneGeArvildg==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
34301
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 00:45:17 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
BFaakwTweUo2FGLm3e-_ywnRNsykFbnJxtxQQUuntDArh56DsdeQHA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 028D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW9CZFAcfY7vtO4Ks3gPY376wAgAAAAA4AeAEAg&bg=!REelRwPNAAZTikH4c4o7ACkAdvg8WnSr_8T9uFqgX5Qj8qvdiMgRVrGX6tOa2V6p6PsFeZCvIqABigIAAAIkUgAAAANoAQeZAxWdemCkKGM2TXDVvqqyVbeqIXDzd2mxZUiv02d7Oe4cnDfrPuVN5LiWpTMs5hntizh-AMEycseUt_wStdxtE1FIeuPl6_qlHJ-ebXYrUUV1vv4u0OA7lLN-VKQkSlHaeKAxvTTwmCPOPNGsk1eeAY3Ytz_xxwSWJC3Ap9TKp4Oqye1OWY4TDP7l4hwCUx1rRODwmP6jElMEXtAXuFqa2BIQU43S3irKqLIRcH7v7ZZ03jkd8FJPAhiVayAX3TngE6CQKk0Xz8ccHxNHdFuTuizQlQMdGJ59qxKjutlZAF6N_9LCACXFB1snhLp74KHdX_MWupa92tkYXlTZreI5F0TC1hnWbYhlpBF4mRbQdDu6UAFkaOXE_W5VMml5Ab3QvnPq1NPbdcG2DRlCPSA14pwL3W4dA5mlD1lv_i0AmEUpSn1Hx3mSctIDQoiVLZAOKXdGQ4bQEH-VurOElif5w2-yifhW9pnqxadv57aH-QTtF0jKZ4aoQWjmSsg5Gr1hfZntQbE322HGgvzPW6jgOx_XTpjeEGJoiB8Q40w0VwJ7hRLGGatqAt-QQ30xyOHpLudzSQqaITzQ5F3IspqmHIYgH2yIyzN2A85m-LZ1xaLHh9GxwdpxvuUXDQuIT18MBe_xwMXFrKL8E1TZPv7Palwqt9f4meF68wTf0QPpaRSmIVkOHk5gQ2tqzGWOd5sxFmBNi93S7Jbbn1AwNqcFseq9CFzc4aT1KJgpEnz0d6kR6JQcHA-xIYDdD3r1IG1lkRjxqWoEziktGdvQWQUdopYcs5g-Y3Mpjqz4Hn2lIyYx6RqSKBAvl48P-YPBt_wruqCERH_9zJ7uVECrf-J1jMOSMoVuxtcKqhitPhQutDzdhwdJU4JZj9dxnPgN5pt8MVAYeAshBX2PKApV15N0MRZXDDLUkrWgStbT3FPTOUeinvq-C_aSkBUKlRHSK63wlNQcjv0NG3JJNXmOkvpre5yGpWSoIMtq6vml8nizsXhzuis4D_1WsQjMqq70Vk1iF8ah4noVcJOePF92-yMkqpZ9vCOdHIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 3B1C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 19:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 19:08:06 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5354 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVI4NFAcfY6P8OqWk3gOOqaOIBQAAAAA4AeAEAg&bg=!1Nel15PNAAZTikH4c4o7ACkAdvg8WtxVPIq38bU_EkR4-dctUUKB4mUWVzRngzad5vIQumjuJmvtFQIAAAHVUgAAAANoAQcKAFiptBk_Gad-H7YRQRfnx3LJETNAJmitPCP8q5YGZogilEVNWfjbND06nw5Q84Ynftbfe-tqiJFRh13SShHYLE72V9_pFaMe5n7csYrFlmamTcr6FyBtfK04mQMuwMWD8LMqb7SSVMt6BlGl3WW3UZXB9E_Njem3m6R-LyqqV_86NWaAM1w6ixpJztpSPvTAHZFu4DqPWmHhPf9F0L0hrZYdxZ9eJXdK1qcuKLFXtKddKGKjpVxo8TFIgeToYbyFcJbneJXyCyTRwoYNHCLYainr2lTQ4LTPtQ8dzNhii3IK66H62Ab4B8OMN8FmzB4P0IL2ItT2Zt_o7P5jBPX4QptbdnNE8jKuvLKIjklvnYycC8MdnLxhXP15zaKMb-MATFDjiSze8shwkgnV4DUQbmNotUovXKGY1IA50wQwQt7LdkQeR2YeefbgYQf6Iq3MoQGO9tdVI19ALmnz72-MGwRCV4W06TxGwvbnxcMGCVHiw9XqlGkhYkcTrP-Yula087OqsAUVmzbFGntSr5R3KMwwwuif4sI6sa7CkYCev1evQdmDeTPkCIeCCXy_Mb25Mg-GPmAzgVSGaxfBEpZ8WnRNr5BwfFuT1GLp9sdsnw13HCKBsfXL9ODdV5-nprzLaVMXHvR_g47s3YhiJmCgwxnYvMRUPYYlqqgUvkjj5dKkVt8Vnq-JrgCUP3_mfRfUR2QR4R3Kik8K5CAItfAqg-rt9h16ddN9usnX64kevPzjV2IZPpupT7z0UWdq7H8jz6r4HMhdAP8tcx7OiQvUBLGEXoYAt4OhGF_Gp5SRrVHv0zc7DtreLWzlr_kf3C6fHjhcCPfi7KL53MVhX7q5Mj1s1AkmEcflHOdJFBASlc75c9j8eBRzHPbSNlt5cYIGItuMNo1d_5ARdpPjLqL5cC1dxzH8gdrZJmUKFiMrXxIgKSFsZkTCDbWIpMlXkLUGqvGF_VRrIu9VMvjz5QYRcQiq2_T8ydwAqF1kNRSQGibH3exa7JXT8C3ud-mdVn3JdjJU6_9rFVTP8GEyJl8WOY1BGCWJa6wjI5gM53T4DYAjn-FUdZn-VZt3NdBKPXSVkkxmhnWSdhv63TEtyHkIMpMM8K7N0-xoexiIhxabtsCyBIDYc_GV77cEWrKan7eGHpDcfQrOIckYpRqvoUpwiG3RQMp7HMCx153iILL1WocLf-WlYinTirkjKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3B1C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mW7_7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=592777021610199&bg=!ERKlElbNAAZTikH4c4o7ACkAdvg8WuoTwfEZ0SoP9r7Mb1ehytAPpdxNA7z9fHSSLC9NB6kTatc-PwIAAAIgUgAAAANoAQeZAthFAAI4Ly1z5IWl3HKJbO-ebtpkfOIbQ0ssCFsEri3cJgwK4nx4gk1SwImPgmEHnkpATfRdL0raoOyyWhFR6jo4-xggnNXM_ayab1VIcMa40joL4lzL64XmmP-5RDrNx4WuEpQU742E6y8_XI2xWuYjWnXIot386fFVpcK5pp0PadY2_3iLUbfwI2YvEkT1D3Lns-Kff2PUUdDOGfmnLXSgrCvF2eGj0CxzGmxBJ39-7QvoX_MA8kb09Y_5ZqV13NQbw6cZCl-9rI8rfotKAGidyBKrBvFyl0VhlYEzGl1GQBxa_3apuiCKlnHHUs6j2_G9Q__K5jxiaZfs_APwN6vdIpmnZNuhwGfBB-8YQyf-KoMoWTI7a6f8iWpGqcDixiSbEs0rSt9oe7jvPNI5aaHb-_X9YhoQ7fSbIu7CqnAgZ45aaCguAgfuOkumHi568Bflll-qzJdxpkxA3jfnFq3hY-swIWHzuyCjZdWMon5x9pGhxenl-cYJxzAaaaJusrHiEpzDr8HqLlNNyonWlR44HLVhcSe6tT9EB3coOw9t17TVKqBC41MFaRJoauezHSu6R2sExd3PBPHXinb7LK40xeHVlpAK_TKN7Q1AASlEc3X22Fw-usfTWWMH1-9ncrt8iylw4PL_Y2shZdarbKWT8zKrrHLmiXN59K4rYaM_JqyivG6EzuPxJYjH2BI8AkxBLpxR-ePSdHI7WOpf4F1Z6_KLCgqQjXXc1zGoFN2SBoodah9kQ5YQS6dOS85J_ZsaTt1qjEYioK_s47I1d4ImslsVrvg1X1oMGVHK1hXctARKdLuqPkdtiSn7h_WFmI6S5oeLdWdv7e_J3Jnk3sl5hqYc8jojjRiE8PW90A2iSxXp1D2WlHCEjCu5GpLmbTahMJZO9Luvd5TvOpGZsIgmC2PH8NSwZUgnCcsCRD4uy2iKDJ6QHP11PkJJprjYTEPFLlfjmR2VKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
3.071a3bdd9711b74edbd4-video-loader2-cr.js
cdn.avantisvideo.com/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
vGDGbENE468pAhP.jbDfEWCVTKLZO.Eo
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 07:12:04 GMT
server
AmazonS3
age
31995
etag
W/"97f2ecd515fcc6a9d26763251ef08b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date
Mon, 12 Sep 2022 01:23:43 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
IZS97lyYgKcHje5fAvJ4xVc5sDtUdXw0KTigeVeziO739js7JOXYVw==
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:56 GMT
X-GUploader-UploadID
ABg5-UzoGnLBMGCHS6j7VTsUr7AZ5zBWHdzdjjYVYSRMqe-BYHEVKNeKmDso6U2X_8wPYdYApM7JF1x02zrA-K1QJ3UxKuTJQg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 12 Sep 2022 10:46:56 GMT
aniview.js
player.aniview.com/script/6.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b4238fce65430ce1851ded4b19658654d53a08095b6c2a282d0f8f3fe41f60a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdswBa5b1NgXNkn_dqURDEmwQg217CXne11q0yZHySZq0jU7YFxeHwscBG1U08xR93mrt70-vZ84AZoVEqn-xlHzYqBqEjxt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9906
last-modified
Mon, 12 Sep 2022 09:57:57 GMT
server
UploadServer
etag
"da9b60060114b168c1690a1b3bf85a4e"
vary
Accept-Encoding
x-goog-hash
crc32c=YrT6tQ==, md5=2ptgBgEUsWjBaQobO/haTg==
x-goog-generation
1662976677842937
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9906
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame AE71 		390 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8d77272e667edbd250940ee04a90ca18c05443eb72775e1b19c9999b57983226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvLoLKV4itFA-PDW48btysFkWBPVgKJ9pSKKtLCBjW5e2v1aAOgVn6pXi7ROcxQuyv8X5aTxWf70s5oFjKFb18BTXVTTrdf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112393
last-modified
Mon, 12 Sep 2022 09:57:57 GMT
server
UploadServer
etag
"821f136decc9ce574806359a9e44142a"
vary
Accept-Encoding
x-goog-hash
crc32c=6STPyg==, md5=gh8TbezJzldIBjWankQUKg==
x-goog-generation
1662976677830731
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112393
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame A1E3 		390 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8d77272e667edbd250940ee04a90ca18c05443eb72775e1b19c9999b57983226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvLoLKV4itFA-PDW48btysFkWBPVgKJ9pSKKtLCBjW5e2v1aAOgVn6pXi7ROcxQuyv8X5aTxWf70s5oFjKFb18BTXVTTrdf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112393
last-modified
Mon, 12 Sep 2022 09:57:57 GMT
server
UploadServer
etag
"821f136decc9ce574806359a9e44142a"
vary
Accept-Encoding
x-goog-hash
crc32c=6STPyg==, md5=gh8TbezJzldIBjWankQUKg==
x-goog-generation
1662976677830731
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112393
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=esep_harvestmoonfest_remail&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.54&apppkg=&fv=3&proto=https&clsid=1a718acb-4f56-4988-829c-c168b4e563e8&rando=36&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1662977816322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&AV_SUBID=esep_harvestmoonfest_remail&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.54&responsive=1&sver=2&avtoken=816321&omv=1.0.1&clsid=1a718acb-4f56-4988-829c-c168b4e563e8&rando=36&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1662977816354&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.211.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-211-237.compute-1.amazonaws.com
Software
/
Resource Hash
ed1b3bf041c20e7b664b61376e565f9302ed3d6efa5c47150c1d3912ca98a789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Aug 2022 20:30:16 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=esep_harvestmoonfest_remail&ic=0&tgt=0&app=&wi=600&he=338&test=4&d36=6.2.54&apppkg=&fv=3&proto=https&clsid=e94ae582-b42b-48cf-af94-3f6e8e9f6f0f&rando=2&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1662977816371
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/4/ 		30 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/4/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&AV_SUBID=esep_harvestmoonfest_remail&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.54&responsive=1&sver=2&avtoken=816371&omv=1.0.1&clsid=e94ae582-b42b-48cf-af94-3f6e8e9f6f0f&rando=2&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1662977816389&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.211.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-211-237.compute-1.amazonaws.com
Software
/
Resource Hash
15a0405a9c69fc016ac97e06e991cf3ec33046ee5af05301223a1f86064d63be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Aug 2022 20:30:16 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 20F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=746443317389060&bg=!GBulG1_NAAZTikH4c4o7ACkAdvg8WiTbLUY88YMbP8hQCmk09I3F7kh4UDJIlOhPqgjj_hHwgkbK-gIAAAB8UgAAAARoAQeZAv3qEypCo089RiBVx28lZBvevN2QvuvTU3dcG-SvNQojKj5if6-x61OG9Mm6l52M2Xbp-BSKYkoh1_h9Ou9WUShCN95pmDQzC1Qihn_e_bDphQO-oEEdIl5VCdfheKCAjTvKq0vYsIAyJBVIsQ36Hgtta6Du7U7MdIUhuPExMS885ETp2TuiC5uwSiZCCB4ioLMuUSIiPGKbdv-WmEFNNY6VH_5xJFc_rfgkBuoHft9eJ5n2T8Ggyy373Bq0uKiQXUGgFeGynAUpGStjXkGj2ffw5pY8OMb0w8CiNvJPPn3Bfq22YvnwkqdlAeutc-88VPdnc6eAQTFfPmw_fjZRh5fR3WZmDslz15dO7RNDPTJ8Iit_hkiobKVcuqfwNXrlBzbqrGxv8RFQIlY7NakmUHfppWSTAYztXGkWd9vPBH6kehjj-ChPlcdolyrCfn46TgCUqvY70WMhYISuoBGwdurTURi2GXzgZYjppqUnpHlllIReX0ryaMHYHC2-VnOfzjZr0PXDYVXLuByuVfDne3Olzj0ES8MGWnbBzfZcfLQBWBsenAh1q_suNk-zBkLPs6VjZA_PRUMjKlguthCYnTzIv42e-tRrMucOpwoI0gi6zTRscWZPzXROpalBTA9nxhlBFl5va8y5iLsG3uuRp_-Su6eXFVnzplMTbbLO74vRd3C1-shc0iIcjJMYBQY8OWkiHcOGIEJ796NQuZR9_ox4QlKoZPLT5F8ckmMr_g811EBYKdeio7uNMxsKS6ZploOQiOZEMLPOtByegYSSX9K5YhE5cDjFZHgj13f8mtppVQXdcjXySkVQ4yp9z8KX1WeOBacb81ZhGxDRfYHT7vIFdK1dW8CXE-hbBkCRRSBEZiiVoi8cFbWy7MVppPuAvD9MLrPxw3TnKN73cvR3eT1kE5j5Wd-TAcjo9f4EX8NtIpBxnO4fnBr4B0FDjliqtW2KlDcvtdv8N6VqEje7ZyEF4a5dBOWJYez57tSAmkcvkfCUGVmBpBYDIIh0QKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977816710&oz_l=106&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cookiesyncendpoint
sync.aniview.com/ Frame 6789
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=55&key=3336921984697199767
0
0
pixel
ap.lijit.com/ Frame A810 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Mon, 12 Sep 2022 10:16:56 GMT
pod
X-Sovrn-Pod: ad_ap7ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 157A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 12 Sep 2022 10:16:56 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
services
sync.technoratimedia.com/ Frame 4211 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662977816666-920457583926-008341-006-009519&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.123greetings.com/
age
0
date
Mon, 12 Sep 2022 10:16:57 GMT
server
nginx
via
1.1 varnish
x-varnish
249364399
cookiesyncendpoint
sync.aniview.com/ Frame 9EA8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=200&key=OPTOUT
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C1B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133801
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 10:16:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 065C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=56&pid=59c9148628a0612da3689288&key=b1ae60eb-f696-40c4-ae5e-0b5bf079cb7b
0
0
cm
u.openx.net/w/1.0/ Frame E1A3 		43 B
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 12 Sep 2022 10:16:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame B183
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26bidderna...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=10&pid=59c9148628a0612da3689288&key=UBGAkaGotYcl&ev=1&us_privacy=${us_privacy}&pid=562704
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=10&pid=59c9148628a0612da3689288&key=UBGAkaGotYcl&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.255.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-255-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 12 Sep 2022 10:16:57 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-stage-0
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=10&pid=59c9148628a0612da3689288&key=UBGAkaGotYcl&ev=1&us_privacy=${us_privacy}&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
/
onetag-sys.com/usync/ Frame EC9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame AE71 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdveGSE-e39u1GXJA6U9058GXnHNCRjzr6p3u_sw9HCamjzcRBf5dTaQlsd__kAWiYwl4kdew8IhwHYpAHo5YSLmy-DZpUj0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"90f51fa2d1aa98d0551ea61d932b3758"
vary
Accept-Encoding
x-goog-hash
crc32c=gR1vIw==, md5=kPUfotGqmNBVHqYdkys3WA==
x-goog-generation
1662976678380982
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame AE71 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6ZOpez1Apo-L1r3yDhbiPZokTWvR6LsUGSX2vQNnHwn3zS_ecqwM6SRvdWGgRzzMxJ-FV9buhwJZxAq-f6GPamg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"0c5d0d53596c4b1a998570b05c2d57e9"
vary
Accept-Encoding
x-goog-hash
crc32c=03j/JQ==, md5=DF0NU1lsSxqZhXCwXC1X6Q==
x-goog-generation
1662976678581293
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame AE71 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduiGcVwbjmTUIszj1UvGrvAGQL_UfPVrGUGiq6LLFFA49lbYZCktvV8RcalGbWCsQfl-7Zb1sMzCzB4TYNaq1kGptVsbtK9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"2825d70ab2819e8897bb9086bbbc28dd"
vary
Accept-Encoding
x-goog-hash
crc32c=pVFUbQ==, md5=KCXXCrKBnoiXu5CGu7wo3Q==
x-goog-generation
1662976678583381
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame AE71 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduWBv99_b_Z4RiX3SZMXvhc-E_v8PbDynV4SM5Z_PcvI6xq5KeMZlgymjL6A8xpo7_2ro2fz4EUBLl9sN9LLqJZNA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"79f07f5c1ed5884058785107838f55a3"
vary
Accept-Encoding
x-goog-hash
crc32c=7iO2pA==, md5=efB/XB7ViEBYeFEHg49Vow==
x-goog-generation
1662976678607507
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19946
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=225&wd=400&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=2977816916&imp_id=33f0e386-327a-4939-9562-364f827e4fc9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
server
ATS/9.1.10.25
age
1
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
938 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&us_privacy=1---&cbb=2977816920&imp_id=33f0e386-327a-4939-9562-364f827e4fc9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:56 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f1c7332a-4087-4241-aa97-fbfe81f717f1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37093&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1662977816666-920457583926-008341-006-009519&cha=0.05&stagid=&stplid=&d35=&d36=6.2.54&cb=12120052921&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1662977816921&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62d3f4e0d8665b0ec66c9327%2C62b86e392f65d47a516f6f3b%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.3%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37093&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1662977816666-920457583926-008341-006-009519&cha=0.05&stagid=&stplid=&d35=&d36=6.2.54&cb=12120052921&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1662977816921&asid=62b1a8beecf705053613baa5%2C6250243f0f4db040a1785fc9%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526%2C628e3b5996c9f44c030284f5&ofpr=%2C5%2C%2C4%2C3&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A1E3 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdveGSE-e39u1GXJA6U9058GXnHNCRjzr6p3u_sw9HCamjzcRBf5dTaQlsd__kAWiYwl4kdew8IhwHYpAHo5YSLmy-DZpUj0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"90f51fa2d1aa98d0551ea61d932b3758"
vary
Accept-Encoding
x-goog-hash
crc32c=gR1vIw==, md5=kPUfotGqmNBVHqYdkys3WA==
x-goog-generation
1662976678380982
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A1E3 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6ZOpez1Apo-L1r3yDhbiPZokTWvR6LsUGSX2vQNnHwn3zS_ecqwM6SRvdWGgRzzMxJ-FV9buhwJZxAq-f6GPamg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"0c5d0d53596c4b1a998570b05c2d57e9"
vary
Accept-Encoding
x-goog-hash
crc32c=03j/JQ==, md5=DF0NU1lsSxqZhXCwXC1X6Q==
x-goog-generation
1662976678581293
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame A1E3 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduiGcVwbjmTUIszj1UvGrvAGQL_UfPVrGUGiq6LLFFA49lbYZCktvV8RcalGbWCsQfl-7Zb1sMzCzB4TYNaq1kGptVsbtK9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"2825d70ab2819e8897bb9086bbbc28dd"
vary
Accept-Encoding
x-goog-hash
crc32c=pVFUbQ==, md5=KCXXCrKBnoiXu5CGu7wo3Q==
x-goog-generation
1662976678583381
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame A1E3 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduWBv99_b_Z4RiX3SZMXvhc-E_v8PbDynV4SM5Z_PcvI6xq5KeMZlgymjL6A8xpo7_2ro2fz4EUBLl9sN9LLqJZNA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Mon, 12 Sep 2022 09:57:58 GMT
server
UploadServer
etag
"79f07f5c1ed5884058785107838f55a3"
vary
Accept-Encoding
x-goog-hash
crc32c=7iO2pA==, md5=efB/XB7ViEBYeFEHg49Vow==
x-goog-generation
1662976678607507
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19946
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 12 Sep 2022 10:21:56 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=338&wd=600&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=2977816933&imp_id=beda3152-0ae2-49ff-86bb-84b32a81b87f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
server
ATS/9.1.10.25
age
1
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
938 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&us_privacy=1---&cbb=2977816935&imp_id=beda3152-0ae2-49ff-86bb-84b32a81b87f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:56 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e25f424a-bd54-4a0b-97ae-2cdee7739e93
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37796&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1662977816666-944615683926-008670-011-008712&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=58351144180&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1662977816935&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62d3f4e0d8665b0ec66c9327%2C62b86e392f65d47a516f6f3b%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.3%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37796&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1662977816666-944615683926-008670-011-008712&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=58351144180&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1662977816935&asid=62b1a8beecf705053613baa5%2C6250243f0f4db040a1785fc9%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526&ofpr=%2C5%2C%2C4&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5C1B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31499595&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662977816666-920457583926-008341-006-009519%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:55 GMT
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 12 Sep 2022 10:16:57 GMT
server
ATS/9.1.10.25
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ec01a54f79a4ca3b6cfbc30935b5c9c5699bcb7754027f8e7f75ab3eaa5c3a94

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 12 Sep 2022 10:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2bf70b735c1744a85d5d55fed5ec44b4b8dd7dd31d858e4d4311e583f4315b6a

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31334c9911fc27155b18e2854b0d7f329f5fae9c52cec21c29c79fff30f18341
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:57 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aa595f23-df58-495b-ac29-d834e51dc122
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=1d1ed636-c14b-48b9-9243-a76450988aed&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:62ab:5c8e:112b:fa29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a45c0f254944c54b51ed6ff1a223999796e6a5aca06d7e5b2124fa1ed74ba809

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
prebid-request
onetag-sys.com/ 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 12 Sep 2022 10:16:57 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217e964ad70f76d6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail%22%2C%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e8b42ae145a8138e61d4a85%7C6114f476dd0eb2621e735342%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218d290d8879b3f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22tid%22%3A%22094d64d9-1596-4fc9-b310-48948714d4be%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662678bd58907a20ed2e922026c41be0ceecd88fd6233179da4498d23c14231d

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtaS48fGy5Eq%2FsrTE2Ra1rzBcHwqz4hBp0Aiae%2F8Jq4WcF1z1PTqvlFpPVFMWEVdLTPn1K%2F%2BUWloa2vyvQYbEC3ohTO4bPM0ntDwsvOlKz7khtjMnyqNv1MVr4uwpHNT6YwsJodu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7497e3fc9e445b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 12 Sep 2022 10:16:57 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 12 Sep 2022 10:16:57 GMT
server
ATS/9.1.10.25
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 12 Sep 2022 10:16:57 GMT
server
ATS/9.1.10.25
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b4c482d2be8e850e7455e02bd8aecb7586fbf660843105964765dd34e48aaf12

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f54176dad306b0061cf13c12092fe68d13f5f5e9e5f576b58842565eef93dbbd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:57 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
eeadef01-6927-4839-b931-45b7632ae634
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
94c2c0d198e306138336e13185d2f0d119593764ed36ab83705b98e47ab946b9

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
11920d32b852d914a3e2eeecb92c0d216ab46f3bfc18ed0c1583f1e0327b2c24

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=1c3232cf-028b-4bab-a946-b9f780f6565e&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:62ab:5c8e:112b:fa29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 12 Sep 2022 10:16:57 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2215f5cb6345bcba1%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail%22%2C%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e8b42ae145a8138e61d4a85%7C6114f476dd0eb2621e735342%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22160c1f26560e627%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22tid%22%3A%22d04da719-6231-48c2-858b-5f80b7073c17%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656d3bfaff50a47e40888d45f7baa32a2965391151d646007539ba95593a0385

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sZWo7tJLqcwqjkjFoF%2B3yVTgH%2B8suKxqkyWVKVYP8oAYGlL6jdyz4mxD1d2OxcrNBUsRAHOS1k276Hxguqh8AOjaKYaLK3Uu5Epn9SsYev%2BSl6SjDighUz5KTbMsWigHLXcEWTh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7497e3fc9e455b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
37a68e888db09090f270ed55ce28149a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/ Frame 99C2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/37a68e888db09090f270ed55ce28149a.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eabe44fb6e4e31873481ad2d244c7061be5ce3342ba56268cee5a580fe4294a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
463185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16654
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 07 Sep 2022 01:37:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Sep 2023 01:37:12 GMT
6e5317f92ce1bc41c5e11c59955e6b7e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/ Frame 99C2 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/6e5317f92ce1bc41c5e11c59955e6b7e.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616a1b169fe97c3f25a70c91335fc046a8d9425236c043ff99b862f9abb900db
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
462521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25286
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 07 Sep 2022 01:48:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Sep 2023 01:48:16 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37093&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1662977816666-920457583926-008341-006-009519&cha=0.05&stagid=&stplid=&d35=&d36=6.2.54&cb=12120052921&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1662977817679&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37093&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1662977816666-920457583926-008341-006-009519&cha=0.05&stagid=&stplid=&d35=&d36=6.2.54&cb=12120052921&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1662977817679&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37796&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1662977816666-944615683926-008670-011-008712&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=58351144180&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1662977817720&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37796&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1662977816666-944615683926-008670-011-008712&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=58351144180&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1662977817720&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame 7C60 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 10:16:58 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1348 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 10:16:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 209F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20326
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 10:16:58 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 205056
X-Served-By
cache-lga21958-LGA, cache-fra19143-FRA
X-Timer
S1662977818.230177,VS0,VE0
/
onetag-sys.com/usync/ Frame 16E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662977817073
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 505F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133799
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 10:16:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E290 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 10:16:58 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame AB0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662977817069
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E80E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133799
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 10:16:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 23:26:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5FB6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20326
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Sep 2022 10:16:58 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 205057
X-Served-By
cache-lga21958-LGA, cache-fra19143-FRA
X-Timer
S1662977818.242906,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 1348 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40580
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Mon, 12 Sep 2022 21:33:18 GMT
async_usersync
ib.adnxs.com/ Frame 209F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0f66db55-016b-48ac-8aac-bd33982e2d8f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1348 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
async_usersync
ib.adnxs.com/ Frame 5FB6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dc6f6dda-a98e-4359-ba75-70b2adbcf561
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 54A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d057dffc2edf61835de6d204ebc1b0ac1320b921563945cce005471d2d0094

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7497e404afca9250-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 10:16:58 GMT
dropped-udsids
39|230|241|73|195|18|238|64
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibDxrCohDwdDTunN%2Fr4njfaxag9Pt%2FKuUCBYigSGbVyvSE%2B0%2B%2BonAxZBKiwCxU9VaaCA9s%2FxJvJHmzxfUMD9Hx51sCB32Glmg2QoHBoyiTFyTkvVbDJ0mm23PxMLlt0UbOCqqNU2cMw4%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 97F3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8522bd8b9787429dd0ddd400042f0516c3ef89d3f6cd18b24d4b7003e89eb4b6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7497e404afce9250-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 10:16:58 GMT
dropped-udsids
241|39|230|73|8|26|31|176
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xElTNkESuexNyYdXm4ejVFGWIWf6g6xBfH6NKpCVCi5mhVxndJPHiWFeNMyeCfXoxjhPAcwzcnn9blhYaH4v%2BcWzwdr4AwQU0RR8bjZaS03RBS2Lluns6LqBJsCyZr%2FkXeDBjwxgw5EdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
event.png
tpsc-eu3.doubleverify.com/ Frame C2FF 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=15be67cfd8854ebf8fc2f6ebd4ceb224&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=541&eoid=11&msrjs=3057&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=118&tetms=12&msltms=58&vltms=541&sei=290&vetms=223&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=58&isumms=57&nvr=6&elmtp=1&isbxdms=2857&b0=276&b11=2829&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=3105&sftb=3105&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1080&isuiabvms=1080&ispmxpms=1080&engalms=55&engscrlms=326&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ttfurm=3807&cbust=1662977818327518
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3057.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/11/2022 10:16:58
dcm
s.amazon-adsystem.com/ Frame 97F3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
VE35R29DV6XXH1K9M909
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
QYQ4R0A3GWAKFQ68X18T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 97F3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 97F3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 97F3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e43a:8d66:d240:c30c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 97F3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d025526f-c47f-4ece-b926-ce48954fafec&expiration=1694513818
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d025526f-c47f-4ece-b926-ce48954fafec&expiration=1694513818
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e4075b499b3f-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XduZHJN7cRRc885RCIIAGP2eHYfiPgza7pMl16uHgjGZy%2B%2BVVh4%2B%2Bh2X5c3nKKJRsDCr77OfhLLOpCgpxe7K5feaN2sg3OHwgPLacWX3HJQOJeWt7dbpqvrulamZ4uHd%2BNo73OHnNbqkpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d025526f-c47f-4ece-b926-ce48954fafec&expiration=1694513818
Date
Mon, 12 Sep 2022 10:16:58 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 97F3 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13514
noop
px.owneriq.net/ Frame 97F3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162642181303384583&uid=Q7162642181303384583&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 10:16:58 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 12 Sep 2022 10:16:58 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
113
match.deepintent.com/usersync/ Frame 97F3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:58 GMT
content-length
0
server
b
htw-pixel.gif
cdn.indexww.com/ht/ Frame 97F3 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx8HFWYZnuEys7aDbvpcNQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e4056fae928f-FRA
date
Mon, 12 Sep 2022 10:16:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
38
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 14:16:58 GMT
casale
match.adsrvr.org/track/cmf/ Frame 54A1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 54A1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 54A1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9HJCEZ5G2020D69XWD8Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
D31AH59RRRADK4YZ48SX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 54A1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx8HFWYZnuEys7aDbvpcNQAABHsAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e43a:8d66:d240:c30c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 54A1
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1022d4e7-1ce5-4dc4-9f83-66582543f5da
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1022d4e7-1ce5-4dc4-9f83-66582543f5da
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e4072ae79b3f-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TZteUtyBwCHPclSidOh9D7Np4zzISTebHEvyc9%2BZNFF3zliteWZWXtxuscIDFEd5dMGqmWGykgsR5GdSR2uoX0p%2FyzmnEWRIjDZ4bgsHIthUsKvk9Gh1w0FMBueBIOMxukN8hX1eDn3gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1022d4e7-1ce5-4dc4-9f83-66582543f5da
date
Mon, 12 Sep 2022 10:16:58 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 54A1
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678616218&external_user_id=d37dc192-05c1-4f5c-84a7-a8917a864469
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678616218&external_user_id=d37dc192-05c1-4f5c-84a7-a8917a864469
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e40628de9b3f-FRA
pragma
no-cache
date
Mon, 12 Sep 2022 10:16:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9suat843lOHYgft8%2BqD7gjMAlPnTzcUYl7GXTDfp0CtefyH7ngDE0icLu9iCaBsbf11hKLK1dA8Y%2FIMoFvhg4V%2B3s3FoPnrCtJvB%2Br6mN%2FGKnVwRuzpk6bIHlleNcTFUZVw63rCeVwiBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 10:16:58 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678616218&external_user_id=d37dc192-05c1-4f5c-84a7-a8917a864469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
461886.gif
idsync.rlcdn.com/ Frame 54A1 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=Yx8HFWYZnuEys7aDbvpcNQAA%261147&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 10:16:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 54A1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:57 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 54A1 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx8HFWYZnuEys7aDbvpcNQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7497e4056fb3928f-FRA
date
Mon, 12 Sep 2022 10:16:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
38
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 12 Sep 2022 14:16:58 GMT
dt
dt.adsafeprotected.com/ Frame E516 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGPsJ,pingTime:5,time:5455,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:100,vs:i,t:454%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5455,o:0,n:454,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B446~1%5D,as:%5B446~300.250%5D%7D%7D,%7Bsl:i,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d.1164679-65553624%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:59 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame E516 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=7428862f-96e8-4d95-5bb0-2ddc2062d845&tv=%7Bc:nZGPsJ,pingTime:5,time:5455,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:100,vs:i,t:454%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5455,o:0,n:454,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B446~1%5D,as:%5B446~300.250%5D%7D%7D,%7Bsl:i,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c*.1164679-65554027%7C1c1%7C1d.1164679-65553624%7C1d1%7C1d2%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:59 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync
ib.adnxs.com/ Frame 209F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:59 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
61c039a2-53e8-4824-90d1-450cb8c761d0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGPtI,pingTime:5,time:5583,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5583,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B573~1%5D,as:%5B573~300.250%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:203,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c.1164679-65554027%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:59 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 287F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1164679&asId=a906dc6d-142f-4f64-24a0-5c7d4d2f8cf1&tv=%7Bc:nZGPtI,pingTime:5,time:5583,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5583,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B573~1%5D,as:%5B573~300.250%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.252,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:203,fm:thdjqNN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C19%7C1a%7C1b1%7C1b2%7C1c.1164679-65554027%7C1c1%7C1d*.1164679-65553624%7C1d1%7C1e1%7C1f%7C1g%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:220c:cf69:e705:bf34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 10:16:59 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync
ib.adnxs.com/ Frame 5FB6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 10:16:59 GMT
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7393b14f-ef03-433d-aded-f9b2b17643aa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.gk.123greetings.com/2/2.68.0/945541/AYHxl1gJEPSJTf-L/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AYHxl1gJEPSJTf-L&oz_sc=58df04dc1e0719ea379414bf&oz_df=1662977819682&oz_l=327&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.68.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Sep 2022 10:16:59 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
6e5317f92ce1bc41c5e11c59955e6b7e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/ Frame 99C2 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14081140813452513368/media/6e5317f92ce1bc41c5e11c59955e6b7e.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616a1b169fe97c3f25a70c91335fc046a8d9425236c043ff99b862f9abb900db
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
462525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25286
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 07 Sep 2022 01:48:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Sep 2023 01:48:16 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37093&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1662977816666-920457583926-008341-006-009519&cha=0.05&stagid=&stplid=&d35=&d36=6.2.54&cb=12120052921&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 10:17:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=37796&t=1662977816&cip=178.162.209.142&sn=esep_harvestmoonfest_remail&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1662977816666-944615683926-008670-011-008712&cha=0.7&stagid=&stplid=&d35=&d36=6.2.54&cb=58351144180&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.238.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-238-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 10:17:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
all
csm.eu.criteo.net/ Frame 454F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Hsm37p4qTrAtEcrD361Jb0eqx5TCzFZ-EVPMjf1RZVprneEdTRXMdMH3rA3uZY6P1mOWHgDCwXMyqpqrAC06M5yeLp_87ctdhVC80TwixmxnX1v6T33QyHHW4QUTH6ZFOdDDoa-t_Mi-bhITnNgdVSqPIa3m3KtmTFzkPT76GgPp3Iosdyqn2TdIsfe0lEL2L3uN8PJ9bmamevhjL_dQg9Z80lM2x7MpdRVbXtAtqQ-63Q8wlSBV0lWr2flJyq1nz3amoA&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yx8HEwAGmbgKd5JpAAUq5Bnu8SO7PUZbU_SFRA&u=%7CnkFewIha29Nopilx788b8QLKAOu3kbMwuo7MjV9xguc%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gvWD0-ORGT_-nV0jE1a7LSyQeJ98RSVvp6MCXCgZeTjsTIxKgiVPzOHXQBpRo4Sk65WeZP475KmkagSKPd7Bq3RvfX-s4kewBm_5Cy-z6OYbfrYPKlfkc6XF2U3X5fT2lzVkE-lnVBxALF0lvt5PNI6qxQDlDUSyI9SeAZ0TQfdJV3-jXmtb5MQ_8WD_K3WG1ipQGR0tpkgjzWZOfdfROLYfLckRHFG1rnE3dClNtch4sqgS1cM0m88yCyIP8JBlDlRmL7RrpPH7emd4zMe7cX_RmXXmlmkHL8kfs55_V_ncRHUuQhYdD2PKQjbbzmtRdWavxW4f6iD6EXjpGezQ7mq9ccB3NZ6I4ZIEUkZ8fR9nf0UrpP6Ga414BgqlOmmyiW3bFWBYRe4mQaDgcEqSEFK34l5t5pG25I-Q2W_VtR_ZEVq03Zr4uGoynSJrxm3EACZsr8kcdph58896Nagho4ny8VEWX-9K1UO2DDc9Rqq0mCtuxsC9yb5XgPo8BxRweAyj0MarGYKn_Vdnj7nBkv2j-Ug2ARQLb0DcB9cv26hfjxjkJh9lhr5AFOVG0fObOg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbLrbEwcfY7izGumk3gPk1ZTABsme0rFc1Z2R93DAjbcBEAEgAGCVyp-CsAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAoa-xJ3d2LA-4AIAqAMBqgSWAk_QP50dBxMtFRUnVaBJFo29BzBJAfdKbqtpxpfGm_5BVd6A4hpLwKYkY_i2jB6l4K3IcF6hecPiiPHmfe2GCe8qPxga1QSAqDWDDCkJ3x_BPTtimH1-rD47nzCDRt4uF6Ihyc7nOQgcrjskNNpLJJviqaeqz1B9gFrVOhPPX9RtmtypOfM4VBVkJJ2sKqW3pSS8EwgjeN0n67ew-jE_nrvY1yZk9wVkWdO9iDBI9n77MdD74wLJJeb8RJLtmzySRIvRSGpztPDxogqfct0DSA0SWbXWspDLeRPyR8H99wSp48fcTIbNasr1vpfkbIMmazD3vcKotm0BA0Pc7Ih-hAJ3QFC05VTzRalwvpS4kfyTtbtIl9yS4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0W7c-zP08-U1csoshKW5KCldCgKg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 10:17:01 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=55&key=3336921984697199767
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=200&key=OPTOUT
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662977816666-920457583926-008341-006-009519&biddername=56&pid=59c9148628a0612da3689288&key=b1ae60eb-f696-40c4-ae5e-0b5bf079cb7b

Verdicts & Comments Add Verdict or Comment

473 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getCookieVal number| isMobile string| HUMANScriptURI object| hmn_script object| dataLayer function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| json_path object| dataArr object| userdataArr object| newest_id_arr object| latest_id_arr object| videos_id_arr object| postcards_id_arr object| animated_id_arr object| rating_id_arr object| views_id_arr object| curshow_id_arr string| disp_by number| disp_count function| subcategory_init function| fetchData function| manageData function| showHTML function| showPaging function| showSortPanel function| do_LatestAlgo function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n string| cat_q1 string| sub_cat_q1 string| page_url string| site_rtn_overlay object| adsbygoogle function| gtag number| offset object| jQuery1111041932838646990866 object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends boolean| ozoki_sv object| $$$ object| __buffer object| gaplugins object| gaData object| config_data function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| saved_tc string| saved_sc string| ________ok boolean| isHuman object| google_llp number| google_lpabyc function| miCallback object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| end boolean| isopen boolean| flag object| boxFunc object| avntsWebpackJsonp number| avnts_player object| avntsQ function| avPlayer object| storageAni

35 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: utm_source
Value: esep_harvestmoonfest_remail
.123greetings.com/ Name: _ga_47Q5QDHYDP
Value: GS1.1.1662977810.1.0.1662977810.0.0.0
.123greetings.com/ Name: _ga
Value: GA1.2.184159887.1662977811
.123greetings.com/ Name: _gid
Value: GA1.2.1990106685.1662977811
.123greetings.com/ Name: _gat_gtag_UA_5085183_1
Value: 1
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=0
.trkn.us/ Name: barometric[cuid]
Value: cuid_76ecfb1d-7d66-4609-9ab7-db0d21b10e36
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlz6DxmNIsN9OcqIcWR9_7AwO1WnGr5mErftRRf7veQIe-HLE8eHKf8vnF0
.123greetings.com/ Name: __gads
Value: ID=83115529adb329e0-223fff621ece004a:T=1662977811:S=ALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw
.123greetings.com/ Name: cnFbAtkn
Value:
.casalemedia.com/ Name: CMID
Value: Yx8HFWYZnuEys7aDbvpcNQAA
.casalemedia.com/ Name: CMPS
Value: 1147
.casalemedia.com/ Name: CMPRO
Value: 1147
.spotxchange.com/ Name: audience
Value: 05da479d-3284-11ed-8436-1a404fd50506
.adnxs.com/ Name: uuid2
Value: 3336921984697199767
.yahoo.com/ Name: A3
Value: d=AQABBBUHH2MCEKQeG07Rs-JPxmSRzceddekFEgEBAQFYIGMoYwAAAAAA_eMAAA&S=AQAAAivI5BUQ4TW4YTg6etCVNiE
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yl~274a
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU#hF!wM!]tbPl1M>e)ZlrFUfJ+tGXxp$^D!IMVwRfBOTy>/@j^.kFvE:#_/#q)8?Yv?*bpRz*qF1`*b_Yn*--EX
.demdex.net/ Name: demdex
Value: 42237679330851071863017606284480222612
.dpm.demdex.net/ Name: dpm
Value: 42237679330851071863017606284480222612
.aniview.com/ Name: aniC
Value:
.csync.loopme.me/ Name: viewer_token
Value: b1ae60eb-f696-40c4-ae5e-0b5bf079cb7b
.adnxs.com/ Name: icu
Value: ChgIoNZ3EAoYASABKAEwmY78mAY4AUABSAEQmY78mAYYAA..
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7dadc1ebfc6b52b2
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.casalemedia.com/ Name: CMST
Value: Yx8HGmMfBxoA
.casalemedia.com/ Name: CMRUM3
Value: ee631f071a2760&f1631f071a05a0&2d631f071505a0CAESEI6urueZXOmkNOjMBanmIuM&e6631f071a2760&12631f071a05a0&40631f071a05a0&c3631f071a05a00&27631f071a0b40&49631f071a05a0
.owneriq.net/ Name: si
Value: Q7162642181303384583
.owneriq.net/ Name: p2
Value: cc
.company-target.com/ Name: tuuid
Value: d37dc192-05c1-4f5c-84a7-a8917a864469
.company-target.com/ Name: tuuid_lu
Value: 1662977818
beacon.lynx.cognitivlabs.com/ Name: UID
Value: d025526f-c47f-4ece-b926-ce48954fafec
beacon.lynx.cognitivlabs.com/ Name: ss
Value: OXGGlTA0r8gHPSjWifS56hysofQaqfllwH8HUXfwPnYnXeqmMaWVtLQO5W09kJ%2BhzGYXJvbJC%2FOK4Yx6MgNYaw%3D%3D
.casalemedia.com/ Name: CMTS
Value: 1152

11 Console Messages

Source Level URL
Text
worker error URL: blob:https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/2bcebc60-f92d-4254-84c7-c0d8fd723d32' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14081140813452513368/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530254&pi=t.ma~as.5083543412&w=300&lmt=1662977813&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662977812874&bpp=24&bdt=256&idt=498&shv=r20220907&mjsv=m202209080101&ptt=5&saldr=sa&cookie=ID%3D83115529adb329e0-223fff621ece004a%3AT%3D1662977811%3AS%3DALNI_MZqu33qkWTXuxJy12nTw7Fc23dbtw&correlator=99238328942&frm=23&ife=4&pv=2&ga_vid=184159887.1662977811&ga_sid=1662977813&ga_hid=762654050&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=2339473399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531705%2C31069448&oid=2&pvsid=746443317389060&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dt6njtp28901&btvi=1&fsb=1&dtd=533
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14081140813452513368/index.html".
network error URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=1d1ed636-c14b-48b9-9243-a76450988aed&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source%3Desep_harvestmoonfest_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=1c3232cf-028b-4bab-a946-b9f780f6565e&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fharvest_moon_festival%2F%3Futm_source&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=Yx8HFWYZnuEys7aDbvpcNQAA%261147&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a4f46f7afe03e68562440737d501dc8.safeframe.googlesyndication.com
acdn.adnxs.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
avm.avantisvideo.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.123g.us
c2shb.pubgw.yahoo.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.doubleverify.com
cdn.flashtalking.com
cdn.indexww.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.123g.us
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
nep.advangelists.com
onetag-sys.com
p4dt2-ha1hf.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
play.aniview.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.owneriq.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
s.amazon-adsystem.com
s.company-target.com
s.gk.123greetings.com
s0.2mdn.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
sync.aniview.com
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
sync.technoratimedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
track1.aniview.com
trkn.us
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
web.facebook.com
web.ssp.yahoo.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
sync.aniview.com
104.18.18.126
104.18.19.126
104.96.128.226
104.96.159.65
129.80.94.115
141.226.228.48
142.250.185.130
142.250.185.66
142.250.186.130
142.250.74.194
151.101.129.108
169.197.150.7
178.250.0.162
178.250.2.135
178.250.2.148
18.156.0.31
18.156.195.47
184.72.244.154
185.94.180.125
198.148.27.140
198.47.127.19
198.47.127.22
2001:4860:4802:34::36
205.185.216.10
209.197.3.19
216.52.2.39
23.205.235.133
23.23.202.74
23.35.236.201
23.35.236.247
2600:1f13:800:7780:220c:cf69:e705:bf34
2600:1f18:612b:4232:62ab:5c8e:112b:fa29
2600:9000:2057:7200:3:748e:7940:93a1
2600:9000:2190:ec00:8:48e:53c0:93a1
2600:9000:2250:5c00:8:9ed9:9c40:93a1
2600:9000:2490:e000:1c:38a0:8a40:93a1
2606:4700::6811:190e
2606:4700::6812:c4c
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:800::2016
2a00:1450:4001:801::2008
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:26f0:f700:2a0::2c79
2a02:26f0:f700:2a3::4469
2a02:26f0:f700:2b6::2c79
2a03:2880:f007:1:face:b00c:0:1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a05:d018:d29:3602:e43a:8d66:d240:c30c
3.228.232.15
3.65.16.214
34.149.12.213
34.235.255.87
34.240.117.131
34.255.80.220
34.96.71.22
35.244.159.8
35.244.174.68
35.71.131.137
37.252.173.27
44.241.52.146
51.75.86.98
52.205.37.96
52.46.128.147
52.51.99.30
52.55.238.42
54.157.211.237
66.155.71.150
69.173.144.138
8.241.45.124
8.249.63.252
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
052ce0b834644560823d0cef583e60182a96e618c478644960bb1701af938155
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
055fc381eb8d88da1ff7c6e2c2109237e3d4c04f13778d3278a72ddc48078625
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7
075c6e12a4b52e9cb3e68815f5fccdf234062d1b41aae94271547c016572ae79
08bcabccf8ce9fd90f2a092d81343a0d29da6fa85297b744096b35cc98b0ff0f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
0fff996b5959b08fb7ac6d1c1a2843bf0cf6698f96389cf5b28ee54eb636f256
11920d32b852d914a3e2eeecb92c0d216ab46f3bfc18ed0c1583f1e0327b2c24
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
1374442b7de3587c311825d013e98dac7c4980b1f6d13ff3830c1825f453b151
13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837
13f4143e51cc843efafd0366c45774fe88baf14d5f0a9a353816c4fb3810b61e
15a0405a9c69fc016ac97e06e991cf3ec33046ee5af05301223a1f86064d63be
17a34915ad056934b3712bad2375ed08be40571457a1818652ba2d8ed10a27d1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187e8603c927f07dce64f548ad17d8cc5b861c021ed61b8f3d7c8905e34e8f1f
195625ec7e482ee84008de1c765fb3a503db5767b8138233bdf86ee40bc25483
1a6ad0970efc1373469821086a341a32982b599e09e4d198ac485941ccf610cc
1ae3aa2ed6f2bcaeef56190ad3e57309f9c4500012f8a41bc3379b65aaf1d5ef
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
2091052d5cc5b7d9e56a38a3a100c5015c5718995ac1d3255e51843ac50bdb16
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267
228d9ab2bd97935adc6a0db2d9431c500aa0969d220ed21882c3f684ea04b46e
22947163b9b9ad637680638f412b4f356f77c159281bf9da45afbf07b79f26dd
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2a4edd546ff2c697bd791842c6a3b5614c9d81d33d3251c842007998e8c4f916
2bf70b735c1744a85d5d55fed5ec44b4b8dd7dd31d858e4d4311e583f4315b6a
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2de6c7d2d225761b129f6d26bbaaa9e647f48e758b5350684aea11f3afd2f806
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2f71531399225b82a624bf17187993fbdfb8010f50e45d2d1493f0ac66e7b47a
31334c9911fc27155b18e2854b0d7f329f5fae9c52cec21c29c79fff30f18341
328bf775da286fe8a88c774da6c3b8732c52559aa4e84e6179bb889fc26f5801
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c637556945a20e24623cc2af8a99729a245eaaa85024152edf2003411bb870
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3566163003ce26a4be0bc5465ea91442042c240b518d05ea2dae78ddd05b7332
3596fba3191356b9a93733b8dd0135e66eeea6dccf7627921228034bfe024eb2
3605652bf6621ecefe4ff4f43c1c2623caca95b942cb32b39b7514a43dcb90fb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3644c7d20e5506c54c5b0a56ee92f2346f93263115b1ca259c6138cffeabc6bb
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a65bf5ba22c9190dc17ee1af4e09c9b3b9426c6d77c665ca25072dcdd43836c
3b7df25cacf06d8a2cebaaf5df973a5ba704cf85f150f39db62744e010e3e8d2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
420e8665c913d96f8f0f1e128aa850c0b7279c6491da6d3251b39ae4c479976c
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
4468223874313a873a77cc4df05012c88768cba0c577f9962e162bbf014d7e86
44c6ba7ce3d9628a9187a2a3f90fc4b8d247bafcb5a54f96927d0a44de7c9292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a85a086bd99d58e42f1f99aec170c0da4911032a8a4f34e38e7e9ae40cdf3f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e722aa73c0477c0c2bcd367c93dfdf7338e70e62b9e6acc4ed1cdd804e61108
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5100861fd6684233f69a0869bc6cdc8890357945fef4efdac9c176748da0af9d
52ad4bae190b8050815264d86b0021df2ff02a855f38af2267c2c2dd0fbd4047
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55297ecf8327a1d7755c0b4ac3ff5da39523af30332cd8194d709fa4a7014b82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568183577979fea34c0c2b7ff52dd8d213946d7801f43885bcaf0bded65b8183
57839cc464accf1951fdb130b14ab07a83d227c938adb09362bf186d347364a1
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5996cba77fcff80cdb76e4555cda37d6cc86ebc4669ed9669fb438db4d3ea945
5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02
5bbfc0ac2b100afdae0b8fa5f236018f135f2e8db69c776b55554baeedb471bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
613d5dd7a3d8e9cd3a8e1537c3f01e12f04b7ef61c64fd937d83ffce0edafcce
616a1b169fe97c3f25a70c91335fc046a8d9425236c043ff99b862f9abb900db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
6474b569cf06c534a4d2dc329a4c3caa7dfaa6f9d5096afe821c44eba7454b31
656d3bfaff50a47e40888d45f7baa32a2965391151d646007539ba95593a0385
662678bd58907a20ed2e922026c41be0ceecd88fd6233179da4498d23c14231d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e30fd50e0873194c063148d3eaae833b0ad4fd8f1d9997df3196948526c9928
6eabe44fb6e4e31873481ad2d244c7061be5ce3342ba56268cee5a580fe4294a
6ec673d424147e19640e15aa01cc5d7fcded63feebc1db7a75e91cbbfd2f1151
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745e689502f010db092887a967fb6581a58282ce792603161cf63772ec59d0b9
75ba3370f00f19c52fae5a7f78df5d6b70dda1e81e7549944bc42a3247d90756
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c5631ab425355e7dfe4c122810d96d2283b854c5281d5e019bce698f4d24171
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7
8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b
81aaa14e2744ae6089afbb1073ceb19749d08eb36035bf3ea616549e3d6a9ede
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8522bd8b9787429dd0ddd400042f0516c3ef89d3f6cd18b24d4b7003e89eb4b6
8685d1c0fc421dcbcbadc1e7bafe689c6a71920b327ba2d2bc37cac3c2b74263
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b114c831ae69d3a621cb21ace849cd52768e93fd4c5007a819d20432f0df284
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8c5be5013131ada04bc2dd4da9493d8f17c040dcb986135dfb3a26a7f18b29ab
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d77272e667edbd250940ee04a90ca18c05443eb72775e1b19c9999b57983226
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef216dff1c6df9c75e919774c39b9df5cf404b74dc84cf7f5832325fcdab87b
90b98930822e26b799b358fb5eb5fc8d9571db357986b771156651977f43c2fb
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
92aae9489d71f1aedc56759a22c8e6e169c913c5024701b3f663acb4c628cae5
92c5751d75fa59bb115568eeb5ce689f015b2e1053967ab26bc14c710e2a8993
92c7c239cae66edd919b8bd6cdd321df0cb5bdce931b4a2a4a15861af81abb42
94c2c0d198e306138336e13185d2f0d119593764ed36ab83705b98e47ab946b9
9641ee4f4adab352ccea224ab444ff75d3715cf6a82d4e772473aa3c1dfa79a0
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550
99172bdb6e1246a0e9448540c3de7c5db0b557ea4c834773cd3b2cce9e4100a1
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35bc6dbd8e0b4f6d1577a1c55227442a4ea7427cbd15379b15d237edf201510
a42e6f6a2f5fd69061f40d3b8353e65c29cb1d65caf641255d9ef040865763bf
a45c0f254944c54b51ed6ff1a223999796e6a5aca06d7e5b2124fa1ed74ba809
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c2e99ea45f89b2f3e91c1314613e6798bf3b652be41d3360943007771aff9f
aa89662c4865f35ad323fe7728a6687c78b80a0db3e192c24b438de1f814e6c8
ab6521d7f8270a417139743c6dfb2cf083d647b4d350a25e13faade0e857a9fb
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
adadbfffb9369a316d5098a6f7bf893ad5bb14f3035ea19704917cd11639f023
add6cba3305db57ebe9f85c70d6900da0a00599ad8550a4a5a4cc5a3e733ee2b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b4238fce65430ce1851ded4b19658654d53a08095b6c2a282d0f8f3fe41f60a7
b4c482d2be8e850e7455e02bd8aecb7586fbf660843105964765dd34e48aaf12
ba64c8489b418d2356b12fd052f0eb0f6a81ae7a3ce9d6ceb55941edafc223d7
bbe8eb3db112bb41eb0b3f605f9276f79f9cbf4c373ef3e32cb0ab63a18a152f
c0b8094944f7cc42d19b3fb4e316b943957074ff75de02cf8519898d25a21bd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c4178e2f41734acdf212e7481b0376c76298f8356feb9d2e63841f9ccf267ce9
c4e4bb8fadc43078cdaa7cf5724af61540fddfeffe414b4ab817655f532e2cea
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c8204400aa9812838230020b85aa8a04b36bfda27cb0f4758ed83312a0fd7251
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cb768c7edd2da1a7e1f8325537f4c393dfe06fc4b96e47fe1ecd10bb54d2484e
cbaabee6de205abba11831b556339ba77d47c6eeafd6baf7f74157f129beb8d0
cc03fc22288f7bf01c0e91b022b863e5a89267d259d6a31c046c86af16eb46b0
cd6b83da7feb207b78af33f8270690be835a8fcdd34ad223489816b99b2e9064
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
cedc9bc5b094627eb856fb1c4342e24857c64c772bcff65472593832587da7d7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2839f1dce2b8c92dd91e190d455db355178099f3bbbc6d43198f8362c6c7cf8
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
d504e20da3974e8c88147d37ec376347e8269fad099c9e60b67d9cf7c830aa5a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6d2ec8d513e981bed8cb34ec19887699fde42c9bb2828afa1886ec32afc912b
d82ac656c0175d252d08f5a4c029cbada55a413df58910cdf0be7e6871226571
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9d057dffc2edf61835de6d204ebc1b0ac1320b921563945cce005471d2d0094
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dad4127a2c2ec0b83670955fd8934c6b1ecf84a09bbdf8ce4cf64d48d920a660
dd238ee1db2bfaaf8a12c99fd8fe6e367fc0f6ae287aa2005e44739dd6017b0c
de2cdfb664638aa888d41ec94ca0a372b730e6c431ec79de7a5a01a83aaeca39
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687
dfec9b8604ca21c6d9bf3cd4867f8e2c2e1cf9821eb20d31a1a0664b20f99215
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e561e56ff222d8c369687495f307eabb5d4999bcd64a228e00dd1df0d1683dd3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7733f5441f4d8f6857e1d4c98294a425b77368417c9d48370f47ce1def98633
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec01a54f79a4ca3b6cfbc30935b5c9c5699bcb7754027f8e7f75ab3eaa5c3a94
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec40f70302c534c17d322755537bf5be0e751fc873539d26975a38f638222662
ec9ae04448369cfd061688be0e2203a5696e42a15d1c179e7ba7849acb2c63cb
ed1b3bf041c20e7b664b61376e565f9302ed3d6efa5c47150c1d3912ca98a789
ed4bb0acbc166cec06f1acb02f93ab96475b64f38ccffecbbd09e5018daad3f9
ed9fc910d217897ab4b68196d68c122182c5169b1ae7634e29ba7ee28cbcbd76
eda230dd867267de3ee51f6003c89cb0a60073e35674ef98d425111b5d40247a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f0069b5d6f3064b7aac9be3ba03ae5a7a6f88ca1f65850b6058c77f01936c11e
f0497ff2538226b707c0602314acfd2708c2fef2809d5631afd405ab3b205287
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f181af14f12dac7a849b77afc979988f505cc0e59a2161efee33c95671a34aec
f1f3196a7675177c3f676251130a086f6faed6535cbcb6c12a73e0c72d6a2285
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f54176dad306b0061cf13c12092fe68d13f5f5e9e5f576b58842565eef93dbbd
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f6fb9a3d8163fa605b08d1f596256052a7677ea3c1b945d2597f4aa5cc516cab
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fa3c5b47e00401eb40e1ed10c1ed63f28c25f6869d7fd0d4feb30b2a019a5b3e
fb5d03d066ef45cc4a474c9d16e85a005726c2182b20086718de4a02570085d2
fe8fd4a9c528868e1284a329ac669e0a31aeffe5907497723c4a445445f63a44
ff2ad68b18a268299e48391685216e5821015f8dc5793241459d6690d2d7d13a
ff2b2ab584c77a03ee6570e9d5ad2dc1e66461091c59a0027b6d4d35aa81b539