newyearwishing.com Open in urlscan Pro
2606:4700:3037::6815:e8f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearwishing.com/
Submission Tags: phishingrod
Submission: On April 28 via api (April 28th 2023, 6:35:52 pm UTC) from DE — Scanned from DE

Summary HTTP 111 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3037::6815:e8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is newyearwishing.com.
TLS certificate: Issued by GTS CA 1P5 on April 28th 2023. Valid for: 3 months.

This is the only time newyearwishing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:303... 2606:4700:3037::6815:e8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
12	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	18.135.113.117 18.135.113.117	16509 (AMAZON-02) (AMAZON-02)
1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.73 65.9.95.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	52.56.54.153 52.56.54.153	16509 (AMAZON-02) (AMAZON-02)
111	25

42 2606:4700:3037::6815:e8f (United States)

ASN13335 (CLOUDFLARENET, US)

newyearwishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.113.117 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-113-117.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-73.prg50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.54.153 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-54-153.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	newyearwishing.com newyearwishing.com	949 KB
12	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 15614	59 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	262 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 24080 hal900018.redintelligence.net — Cisco Umbrella Rank: 584799	80 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	28 KB
5	gstatic.com fonts.gstatic.com	96 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 5754 pixel.mathtag.com — Cisco Umbrella Rank: 1405	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	32 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 101420	6 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	119 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	3 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 154070	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 202889	932 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	611 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	256 B
111	21

	Domain	Requested by
42	newyearwishing.com	newyearwishing.com
12	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
7	pagead2.googlesyndication.com	newyearwishing.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	newyearwishing.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	hal900018.redintelligence.net	hal9000.redintelligence.net hal900018.redintelligence.net
4	hal9000.redintelligence.net	newyearwishing.com hal900018.redintelligence.net
3	tags.mathtag.com	newyearwishing.com tags.mathtag.com
2	api.webgains.io	analytics.webgains.io
2	cdn.retailads.net	1 redirects futalis.de
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	newyearwishing.com adv.office-partner.de
2	fonts.googleapis.com	newyearwishing.com hal900018.redintelligence.net
1	www.google.com	tpc.googlesyndication.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	googleads.g.doubleclick.net
1	track.webgains.com	newyearwishing.com
1	futalis.de	hal900018.redintelligence.net
1	adv.office-partner.de	hal900018.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	www.googletagservices.com	newyearwishing.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
111	26

This site contains links to these domains. Also see Links.

Domain
themeforest.net

Subject Issuer	Validity	Valid
newyearwishing.com GTS CA 1P5	`2023-04-28` - `2023-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
update.mediamathtag.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.futalis.de R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://newyearwishing.com/
Frame ID: C7912AB83C7E04EEC50E85B946DDC946
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: 699B824BF446B2C9832C8A2BEC0E948A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7657292019044425&output=html&adk=1812271804&adf=3025194257&lmt=1682706946&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewyearwishing.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682706946455&bpp=16&bdt=446&idt=306&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3926637277639&frm=20&pv=2&ga_vid=1836427309.1682706947&ga_sid=1682706947&ga_hid=861665847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44785293%2C44788441%2C44789761%2C44789779%2C21065724&oid=2&pvsid=2852151305666394&tmod=2069116992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: C19F97E89FCC62F688CC473F2E4F1A36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7657292019044425&output=html&h=280&adk=2712437551&adf=2710051258&pi=t.aa~a.2066426442~rp.4&w=1160&fwrn=4&fwrnh=100&lmt=1682706946&rafmt=1&to=qs&pwprc=7445645216&format=1160x280&url=https%3A%2F%2Fnewyearwishing.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682706946471&bpp=2&bdt=461&idt=332&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3926637277639&frm=20&pv=1&ga_vid=1836427309.1682706947&ga_sid=1682706947&ga_hid=861665847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44785293%2C44788441%2C44789761%2C44789779%2C21065724&oid=2&pvsid=2852151305666394&tmod=2069116992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h5K1QDyPlN&p=https%3A//newyearwishing.com&dtd=336
Frame ID: 6B0A47DE31FFF5AAE8AE992A60B4382E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: E05209403B10220A49EDD52B8644F71B
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D
Frame ID: 2988081D34C6017C798A98348CBC03CE
Requests: 29 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 10D9F927C4BAD2B64619E8B58AA0246B
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015
Frame ID: 26BCE1F2D70F819383D70E63AF87110A
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Frame ID: 126A9FAE679CE4A5B4602B278E309926
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e
Frame ID: 34D03BD4CC828B2AB89DA2374629154F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DED87690E4A8F01E7DF241F1F9059B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6336423A8450E9325892231B45837698
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NewYearWishing - New Year Wishes, Messages and Quotes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

111
Requests

98 %
HTTPS

54 %
IPv6

21
Domains

26
Subdomains

25
IPs

5
Countries

1694 kB
Transfer

3581 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://themeforest.net/item/boombox-viral-buzz-wordpress-theme/16596434?ref=PX-lab
Title: About us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=73461300163222900951395012308018&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newyearwishing.com/ 87 KB
17 KB 249ms
142ms Document
text/html 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8239e2a27378ad368bb01a52fa3687440ecc4098e72866376b573814fd06be06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bf1682bbbfb6993-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 18:35:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://newyearwishing.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DscrXKpx1hHRnpq166XMyynlZz4si1KzjYwDxpRzIHBK7qTvrJAiEpPOGqxiommgMf36mgyHGLO2KUkuZc64OoOU89MBZMxEO11IsmNQG%2FokEU1QDNREm%2B6hfbBf%2BVsoBDOujW2e2MXuMaEce6pCT7k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-mh-tag: 16989is
x-nginx-upstream-cache-status: MISS
x-powered-by: PHP/7.4.33
x-server-powered-by: Middlehost Optimized Server
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
newyearwishing.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 129ms
127ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 17 Nov 2022 16:05:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnuhjdR5X1wRNasDskx11LlQoy0FID%2B9GeogoqGa4WuS8wWRJrsr3ZRtPeCeYe%2FTcM9oNZJ5Nlv9rvDUF7XEzbIFIuL%2F%2FfPwE77ydk1DcTwZijgW5mabLgYOIKBmYUjcx1YjCOC0WqodJDG6gwEcgqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad326993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 classic-themes.min.css
newyearwishing.com/wp-includes/css/ 217 B
465 B 87ms
85ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 17 Nov 2022 16:05:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBYCTrBN8CVuf1ZUUnybC2O3kUESnpA8poylP5cAifjw05H2AgvD3rsu7eFQHJtiEsCtZ57xaE3oE5gWQrYohXD7m9n1Buh5QK3Zyh5RtOPX%2BfI9tRtNiVan0leE2mnFujgpsmohv4zHZxb%2Bf5EiMVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad2c6993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 styles.css
newyearwishing.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 86ms
84ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 18 Mar 2023 14:28:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX6fhy62HrTisVbIiNT%2BHr0cus5CAAkm%2B6krWJdleU9MIlfKoJHn96P%2BbC2N4vEoy2g33VPEsCbbUEUiVyYc6pud6XhP9fA6bnE7akYSsnk0wGzsnkqCS8QGww2YZ1mRz%2BMnLYKcggu%2BytGEm3bUWGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad2f6993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 plugins.min.css
newyearwishing.com/wp-content/themes/boombox/js/plugins/ 12 KB
3 KB 85ms
83ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/js/plugins/plugins.min.css?ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b3be9a5b8269677af77000949595985afaf9571615226179046180c31a58e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FIk%2FsH7CoAtZ7bML7BEhV%2BhQurA%2Fj0mqjSwAWdeoQasgkKJdv%2FnzUHn6wyxWWPmGOTaKDwPaN5azPPUTgBkNq1IgKUykQOmYjkeuC4Yu19l6yf3%2FCxWYkkePwTFA0kynIlMaBtrX9xbK2u78FCw4Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad306993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 icons.min.css
newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/ 11 KB
3 KB 88ms
86ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/icons.min.css?ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c88ff357737bd35332beebde4eebfa7d7ad0fc83e7814467dacfee71a5f86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rruhUDQhmvW1%2FJs7LzozIl2nGu3rixHxv4AkHIzmg%2BRqzbtejqystD%2F%2FVDG1S4ZM8h7Uswm0J3%2BJqvj%2FEziyOQcsBfySTUQoMK1k1%2B7VS0rAtDLdPT6U5T9kRJwN%2B%2BMn2GHaJuLUh44JutRqVs2xAEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad316993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 39 KB
2 KB 147ms
53ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset&ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b726d30778d57eba591d763e65bca6000b4039fc32f9f351aa3e88b7de260b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 18:35:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 18:35:46 GMT

GET
H2 200 style.min.css
newyearwishing.com/wp-content/themes/boombox/css/ 271 KB
40 KB 99ms
98ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/css/style.min.css?ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

585fa1510e4e3c2310664e3a422d5f9ade3069e7ac6dce79b523411e469a6aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcNXxqX3wDBBww8HK4UI32NzL%2Fo7Jd0mHd6CVSpQi%2B%2F9fGUvPBFuqWYU4cJu%2BRawjBTe5bDrrW0HixyYfhnMg4uME%2BAJVsuGTBA5GG5nlJMZHHa5FVqVzkIn%2F7%2BHSgViFPv7nzbb66aQZXaPsrsk5rM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cad336993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 wp-emoji-release.min.js Show response
newyearwishing.com/wp-includes/js/ 18 KB
5 KB 98ms
96ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 30 May 2022 07:24:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCrwlf9X5scimk96pW6b6kzozspZTKQ8y0o0HhoGGCEbtry32PNiPDLBF5GRg4UxO9TPqWv8fdf4oGyVEt5bAwYu5vWWfW%2FYs8lckHaJzWOi1lO%2Bo9QwfcE9fGAQ70h8hUKJtlKjLeKHPjMuAX3HpT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682dc9ee3653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 subscribe-forms.min.css
newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ 55 KB
4 KB 96ms
96ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=8.1.1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dc014d3dea66bfd897ac7ed3a76388376af10d884bb6e5512ac4ecd6d6ea961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTYfMfF6tlKEVpIHtajwfPvpI1wM4%2FQXzTZShYYtGev0e6585IDKuZAa%2Fvlbtbo4E5H%2BSEbPQBwI8hTu3dzCPU8Frrg1kw6viM5HvJzXvqbYP1MkZyRCQIiLJH%2BePshW%2FtmB1dIQI777%2B2t%2ByVGRYUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cdd666993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 easy-social-share-buttons.min.css
newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 114 KB
15 KB 129ms
128ms Stylesheet
text/css 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=8.1.1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7276f6b63b427c8fb125446589d4f546d88487d2691b5171db9d3b74f5cbdac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDerjGZ%2Bw%2BmkTPvsyasbN6O83Iw2s0ZyUoTFjL2ZWHyPZNyG3Mgu%2FbQ5GM3uUJKoPgxizsBfT6tNsFMEY7CZb5xTYh%2Fkv3fWfKNjMOUdCXZYhew%2FbS%2B%2FE1wGcaCM%2Bmub%2FMo5cWTWQEcuQQrSp55z7m0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bf1682cdd6c6993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 jquery.min.js Show response
newyearwishing.com/wp-includes/js/jquery/ 88 KB
32 KB 116ms
115ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 17 Nov 2022 16:05:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhMuBMDEWv9wcUofxiBSXO9wxm5%2Faudt6HOFzWYbgJ6jq5yitss9J66pYZyjmbEo0QJPn0bCf01K9%2FEmvI75hEcsNMMYOpmFDAYxf0%2B39aIz2A3rzbbIgfUU%2F%2BEQEJBy45r36lTdLNo4glJqtGTaGaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682cdd6d6993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
newyearwishing.com/wp-includes/js/jquery/ 11 KB
5 KB 112ms
112ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 18 Nov 2020 09:36:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FQLLxHUMPXCV610mHgYgX39z4rnG%2BYa8sPfs%2B1SIg%2BrLn0nlGQyBhBujhsdC8xJC3SKZEHscqoH0lXWigS50Mdviq6tGE3j2GdKdViI5jXAD4qS%2Ba%2BF26%2FfdPM%2BhfsX1T8yCn1fYvnEpJArlhFYOFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682cdd6e6993-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 192ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7657292019044425

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5f15800c17020e395b4adcc9ed7a0cdfd94366b9180e28a5572252f08ffadee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47394
x-xss-protection: 0
server: cafe
etag: 2371189969674631336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:35:46 GMT

GET
H3 200 New-Year-Wishes-768x450.png
newyearwishing.com/wp-content/uploads/2022/11/ 400 KB
401 KB 138ms
136ms Image
image/png 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/11/New-Year-Wishes-768x450.png

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746f8b5b13f18dd1256fce39eb6a6b568e182d36ad66e0f415b844f3c11a9743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 409931
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 22 Nov 2022 23:40:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cVKocUz9xZWa8Cwu55rCdTFxpEuf0iOELZtqSZvcVEBafPY0u%2FDsR%2BXijHHoiqA77vbd%2FVdpKzaD8Ox9Gf39cNLN%2FpfKk1ALL6TuhFj2k8Ehn5Tjbphz0wLWShLTo8wIL%2F2EkaTJ7I%2B3VamWExElsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682dc9ef3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-Happy-New-Year-Wishes-for-Couples.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 29 KB
30 KB 115ms
114ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-Happy-New-Year-Wishes-for-Couples.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0017583d65b4e48163cdd60eaa66c6afbf3035da61bc0a7be66f819f042360c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29830
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 15:48:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQOjBAHl2ZhQYzTZ0PjvJIDT8UqTuuwKshaC4ZSYS1DnqhRfyAWWoJibWecgcjOR7IafFUM%2BZnwVPfG9V0wLD2mziomEhPnCCqz%2FxgbjFSj77j%2FRGoU5314%2FpLN9pdDfvd3zKRaqAq406njK81fz24Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682dc9f23653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Eid-mubarak-messages-wishes-768x432.jpg
newyearwishing.com/wp-content/uploads/2021/03/ 29 KB
30 KB 323ms
322ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2021/03/Eid-mubarak-messages-wishes-768x432.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cebea48250e2096307c506a9e57ecdfa22c25cfc493feeb03d2dd004c547101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29843
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Tue, 02 Mar 2021 14:12:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8f89iviIykO0xcLuV%2BfR7%2BGePM6lC1sG1jPO3NHMtphNY47Sn%2Fl1I6GP8i5cpCYG3GjEjsPbfvUDswc0DysnI8P6zADXsQyh9C0s8FoH5yVRt8AM%2FP7hB4OGs4hkL9f0E2faPbBeuOMrdUOjpyL3GU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682dc9f33653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 174ms
75ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DW8Y6BPKHP

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59597f230f3de79e0242afff86272726005d4a13aaa74811f31433fb754c4ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 18:35:46 GMT

GET
H3 200 index.js Show response
newyearwishing.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
4 KB 92ms
92ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 18 Mar 2023 14:28:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xMLfSxqZDEGVYqplClMqV2ff150DApS5CFR%2BDvQP5VPxstObFSnJALGx7pTxcCAfqQw0goSnEo9%2BUWJ%2Bh09XPP3hWdEdBsFu6ulVjaND52GV9APdcooCKSg5KVef1qzJ6ro4nNoCJzS27kbRAAQy2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682db9c63653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 index.js Show response
newyearwishing.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 95ms
95ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 18 Mar 2023 14:28:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVdUEGBq0%2FdQLcTb4BTs6MhbfXsuxyxqaIXvEwMAZWUhqoz18C8swnc8nov01H1Z6Njho2Bvmbwc6cnu04j7IbKdXKBi%2FbICtHONVsryqtaYqX8OejmPs%2FMLSgbE13A8E%2BomGZ2vzMs3dvR82VAs960%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682db9ca3653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 scripts.min.js Show response
newyearwishing.com/wp-content/themes/boombox/js/ 126 KB
35 KB 282ms
281ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/js/scripts.min.js?ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9816312cc4ecbcf6b4b7bec51bd1686c85805773921bcc46d9a0ddce3871c150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe4o8dKVt8A%2BINDTU1epYessL2p9Mgghs1Dt5LTV%2FOOHk7rr05SC6KdT2n8Jwa%2FRbkcjL8sNufMcIz4ZCTxddmMlBHCfv6DkXYtf7YckqsnajP45cQBy2Swd%2BYBbgiNaZIvJzxoJeg9onz98E25KH3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682dc9e73653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 ajax.min.js Show response
newyearwishing.com/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ 3 KB
1 KB 162ms
160ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ajax.min.js?ver=2.8.5

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781a861bd17f38bc7c1b821f6cc1cb6d79379e8669be4275c28d22eb0cc02cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH8%2BPWEVgFMYoAAi%2B6MrQ2%2BdeC7t1CCg7AS53Wk6lZRaz%2FFwgxOXtBQzMJNqJCpUixmHNyrbcDkUlwiZy7pPJbeVthrV%2Fpe0WNCF96G%2F8dTZ3sQJhud%2FAC2%2BPquqI50EbTjP1cZTe96myv7m17dMvUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682dc9e93653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 shortcodes.min.js Show response
newyearwishing.com/wp-content/plugins/boombox-theme-extensions/boombox-shortcodes/js/ 2 KB
1 KB 155ms
154ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/boombox-theme-extensions/boombox-shortcodes/js/shortcodes.min.js?ver=20160609

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987f8028ee3c51a8115d655bc725c0478c7751fd9a085814563867a7a9008079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKv%2BQnlsVdBUX%2BhPsGVp7HDmojTed7Env2cXY1ISPK58rHubS7SiNmDgcLgwcFgEnFXLcT4JlN2E4piVZdsnuPm%2FvN1E3QUG1uzErMoJF4QvgeFH8Qn%2BAQPAojw3vXy9kaujYIkmF3m6naqkqYW5IRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf1682dc9ec3653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
32 KB 139ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset&ver=2.8.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:20:36 GMT
x-content-type-options: nosniff
age: 508510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:20:36 GMT

GET
H3 200 bb-icomoon.ttf
newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/fonts/ 72 KB
44 KB 310ms
309ms Font
font/ttf 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/fonts/bb-icomoon.ttf?tppylb

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/icons.min.css?ver=2.8.5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ddf44704c93f670e08c0074597de17fda37f4b2509a749be37ee0da41b50e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newyearwishing.com/wp-content/themes/boombox/fonts/icon-fonts/icomoon/icons.min.css?ver=2.8.5
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gYZNHxump6%2BrLFR781WNLO8WIOivJ6YvcL8fWWNtpKpfih7%2B1sGi1%2BXq8YW6iW%2FMY7ssKhWH%2FfMBB6CAAww0CuA2hoMXL71GnuJzigB67gQZhoneyBmoSw6HU22AGcvKADlRgl%2FXnFC9CYUlilDnNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=5184000
cf-ray: 7bf1682dea073653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 189ms
93ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 532897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 14:34:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 181ms
85ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:41:56 GMT
x-content-type-options: nosniff
age: 507230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:41:56 GMT

GET
H3 200 ui-icomoon.ttf
newyearwishing.com/wp-content/themes/boombox/scss/icon-fonts/fonts/ 53 KB
32 KB 163ms
163ms Font
font/ttf 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/themes/boombox/scss/icon-fonts/fonts/ui-icomoon.ttf?hv0pr7

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/wp-content/themes/boombox/css/style.min.css?ver=2.8.5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b2858ae2b76e2f901540c435bd9dd2ea8dbc47a0bbd5f2d8357d787e39673fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newyearwishing.com/wp-content/themes/boombox/css/style.min.css?ver=2.8.5
Origin: https://newyearwishing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JpEtbSglqN4aC0GlX2XPAu4vwRm11AYIGix4LYNBoG9qJJfrMNWg6v7zDWgb%2BZTz%2BSfavG%2Bp1yfcuwNxrgLLftxq%2B49mnnXwCF9G34yjBx4g6c%2FEiynYbTCteqq2WC8OZUeFeMjKGKDhrl57YD0O%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=5184000
cf-ray: 7bf1682dea083653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 New-Year-Wishes-200x150.png
newyearwishing.com/wp-content/uploads/2022/11/ 51 KB
52 KB 294ms
290ms Image
image/png 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/11/New-Year-Wishes-200x150.png

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ff25d2cc5465194bea989e31a21e4399a43fc2cb910a30c77f72856a2e0e0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52490
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 22 Nov 2022 23:40:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvsMEthSK6plPNaHGG1FxHDFTu9oBfRClvxM1LckLyd5oIotB9ehGHWO28dP2pRzxm%2BvafEOwJEwpAkjDpurCtiU39a38ANKni0ZU5WfNxjhKbncmcsm9dpm%2FMJvn0%2FKxFO0LzI%2Bc6vJhHyZzM3b04Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e0a383653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-Happy-New-Year-Wishes-for-Couples-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 7 KB
7 KB 307ms
299ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-Happy-New-Year-Wishes-for-Couples-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f15372a7ab0e5b96bdc7be6d1dce4ff1f1b34ab33e752f6c63a4ace3daedae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7013
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 15:48:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIks3Au7XbjLBf9LEGqLUvuGxOXz6HdK9z7OdkqRb9Jihl8yj0sMYemf92e8VUe7Q9Tpd8qchQlIx9waz4I0vaIQT%2FJz%2BltZNvzz48CjacysCRxlY%2BeJ4W99tU4R3US44rJa2euCTYxup8yirXmxHec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a3f3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Simple-HNY-Wishes-Messages-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 6 KB
7 KB 307ms
300ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Simple-HNY-Wishes-Messages-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f565f46711b3ba86b5ec12b6098509ceaad7279bbe3d65ead00a134a8eeea54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6103
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 08:10:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfxqCGpzF2OW8ckpdMqYe9DxtLbMYOKRn0gD2NblYilfqwCbzxYB3JDjODA2PhwIyeFrMjwDi1i405IGV0flaq8aGVP4uGk3WP0YpKdK11jPyja1PAMDDU0nj0oqilwf9%2FCFDf8TY55U%2F6s4CQE1azk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a403653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Unique-wishes-messages-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 6 KB
7 KB 308ms
301ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Unique-wishes-messages-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9eb6306fa4de7483dc1355f640468fd4b9eb9d7e62651b3e5179fbb2bcad835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6506
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 07:43:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhQ9JH9K9dYyNWH52TE6kJxKCRV9na7LIZ3F8721NBzXCrrdyXnOUbZ2z3ibkIrwbDGufQexLZNa8dsEDMzi1P26%2Bu5UR1t1GsOeVbzYiAk%2BMKsuiwKFuhJCtACiVfHapPYv5DurBT3X8QNEJUQwXEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a433653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Wishes-Messages-to-Team-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 6 KB
7 KB 308ms
302ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Wishes-Messages-to-Team-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcac735394b93a96ba0e7d8ad1e6b29bdff2da88a1ed41a448db3a3108b50082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6395
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 27 Jun 2022 10:50:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTp7W83TAMQl300ZWe%2F385W5ieLTwn9YW32bN1B5Geaz3vhKJ2v1GdS06rp%2B%2Fa7d%2BVYXWQw%2BrbmAqNO8sNPggXHxTsqtx1XZZHRtyb4m2s2FU3KvbZRRW3liqXqbqaJNQE3CZq6chaXezNAkMqeG9x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a443653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Corporate-Wishes-Messages-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 9 KB
9 KB 313ms
308ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Corporate-Wishes-Messages-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e66cb91c3dbc344eeb5552cb1c1689e60c671587a9271a35cded7c492d3657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8883
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 27 Jun 2022 10:28:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIerWS5mx11mtqyUTSN8FmIoFwOUGiJNH%2Bc9KRlYo7rqWxma0wxHLcW%2B7B%2BnNJZ62YPXSG0e%2FrmI%2BJgNH9H7PRiauHCjU44hvnQXiUauJ2Z%2FVkjTyose85hx6PAHIB1I31punLk%2FaGpWbSYzWYtFBig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a463653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-Happy-new-year-captions-200x150.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 7 KB
8 KB 313ms
310ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-Happy-new-year-captions-200x150.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68678fa18208e9aa8cb4f556567ecd0aef601f4d831496133b7b97a5ee67bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7236
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 26 Jun 2022 10:51:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD9wAz0z6dJ4F%2BPD%2BY3PvSe50tm6aZnjJabDm5wsQCIKjBy8g%2BZASqel7%2B%2BrI3k%2FjJOt5lFLZsrXCPcQSc3n6i2xNTh8BBtuKffflfwOu9upsV3qaK2%2F6IIGbE2S94oUjrUEFp6qhgYRGzZzvybsuVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a493653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Simple-HNY-Wishes-Messages-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 10 KB
11 KB 314ms
311ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Simple-HNY-Wishes-Messages-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78b48f2393a893d55b23ba7bce0ed757cb080b449ba3dbce4e6127db31129f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10672
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 08:10:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BfLx3wBvCqUnsDJlV%2BBMgnDCiQ2Spebo2o7C%2FXrOSdc9VlaEsOXGepeJyCLX38vzbcrGOE%2Fhn8R%2BGz5UywggaWUZtGD%2Fwfo0aMwJ8%2Bq%2BtEHxvOg3g%2BS3JJEK1NNkejFQb21UnMItKxkw5Bmz9TXVZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a4a3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Unique-wishes-messages-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 11 KB
12 KB 314ms
311ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Unique-wishes-messages-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4c159ea7e346114dff82e7fe4820be7112f2f1b4a3b1c1d742a8d927eed140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11243
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 28 Jun 2022 07:43:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaZxLPge9X1bzDtmBRaQ8K4%2BbiFjlUqq6tHKStWyKAR4Nw9fKIqcXC2MTgjwGB6hGuxVbWPWAgQ5h2m%2FZTP4FJZLBXIZR%2BjBQ2YthWkWsQdQ7buJgoQypqwE3g2qYYOd3hQwKF9T%2FPYxs48kzsBBn6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a4b3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Wishes-Messages-to-Team-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 12 KB
13 KB 319ms
316ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Wishes-Messages-to-Team-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920d1596720db604998111e1e7d9791a7e0920364924375060df15c6db6bb80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12755
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 27 Jun 2022 10:50:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9xxD7TA%2BzWNTrOvq4G1rFy4wVu4dTubQ5weLcUfGL8%2FjIJejCaHoRlUmkP1EpDw1H9EyxTD%2FAm7kjkZJk0d0dpgZ4RV%2BLkAlnXSmWf7RNS7iviO8YcSpi5DCs9ccvdHJik6s4EfG5uFMC%2BmLHqyJEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a4e3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-Corporate-Wishes-Messages-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 17 KB
17 KB 320ms
318ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-Corporate-Wishes-Messages-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9382c9e52136de9701232437d4733e9dc9b8ff952029d84155d1261297cf480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16991
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 27 Jun 2022 10:28:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCz7E9XothAY38zpAXDK83y3IoTIwDYHS6DJCU8hh%2FGJSeMZtBrTAfN52%2BMvrhiGtvtb9udrZ2%2BgkPkcNjVmScXD6a4wcsI29ujDNXb4FkUYdwASA5OFUkd3Hw2KD27IRLEb3q0MfEOdx14wRzY1Eb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a4f3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-Happy-new-year-captions-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 11 KB
12 KB 324ms
323ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-Happy-new-year-captions-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3c108e114f6e4616fcb5066c02a84d1eaa13ef73bfc58d2f11dd6531918adbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11211
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 26 Jun 2022 10:51:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1Dbnlqi%2BSvTRHu6KXcqovQCVhLMgLkEaNShR2Tj5MZh3alIshKpqCSWUMyj8JeGCw3n2GjJd%2FKdIlZcLFzdHiLWvrgqMcuM5LnO1jsL75Sx94lf1%2BdUi83fjKQmy%2By4%2FzKxLo9traSca%2Bh2mFjHdsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a523653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-HNY-Wishes-messages-for-wife-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 12 KB
13 KB 326ms
324ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-HNY-Wishes-messages-for-wife-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96ac7c975bbacd295c8e50da5a8229ce0ef66936a05a46b9ebdaa6044a76fecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12337
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 26 Jun 2022 09:58:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ9oIbDcMjSiYnBOzxjPbcxPlJKfZ7w%2FcmtIOjhZofwttNuQ89MUTKVQ9eWRivvK6oFwtY%2F9Q12Fc1NDzR5xneJAVwaKVl6HZgFR5xmeimt9Nev5N8MWBRVu5bke6onTSSgjmFpK2VvrJMExXks56yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a543653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Best-HNY-Wishes-Messages-for-Teachers-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 11 KB
12 KB 326ms
324ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Best-HNY-Wishes-Messages-for-Teachers-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645f47bbb252c78156cdc7722c505866190fceecf763d77e1d2d5e6fae793856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11752
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 26 Jun 2022 07:45:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB5DIfJAD7KpiQ%2BFv9W9B%2FrucKkeXXBl6ZpJ5%2Fx01LYKo%2Fjrr4Y8APOZVhfpTMX73wdVsCCU0uihRSb1HQSF8hG16NrMAIr5ta%2B4ySOfQRjm65j7efYDvWOHa8%2BEBsSfOgRmwJ46rlNA%2B%2BCMX%2FdycDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a553653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 Cute-new-year-wishes-for-crush-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 11 KB
11 KB 327ms
325ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/Cute-new-year-wishes-for-crush-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da740c53156ae7c3240956627edcf544490b6b9db385351cfe87edb40a5deed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11037
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Jun 2022 10:28:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgNPENhqKhy6CN9hzS1OTTaRAkrKst2cMYr0%2B26HhsFqEGtd9IHpoBZijvrw3dAlJ%2Bc9br%2BSWn%2Bm5Nk7y%2Baj7ysbzy93Vw3uENDYpNniir9duHXZDz40PydU3LcJLRZuIMi7PGUFIudtcqMBrHjeZEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a593653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 HNY-wishes-for-Colleagues-worker-employee-360x180.jpg
newyearwishing.com/wp-content/uploads/2022/06/ 12 KB
13 KB 328ms
326ms Image
image/jpeg 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/uploads/2022/06/HNY-wishes-for-Colleagues-worker-employee-360x180.jpg

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49aa12a2e2c3fd24c075aac5b14e6f82d708bb7824a5d77abbcf9ab38e10f49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12343
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 22 Jun 2022 11:08:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usjL9idr%2BRAZoHcz7UMiO66LV0dbANhlsTRUUBiwAAcFSNsMSsgpeStWVdnYeAhxQrCx2a8I2VYqd%2BlQWAE6V%2BJHVnpUPKBny3nTxA9SwfB%2BxPbASs7ei1eZ%2FISxH2%2BpSpiwZGQLrOFh%2FG%2BSH%2FzNjtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682e1a5d3653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/ 354 KB
119 KB 195ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7657292019044425&plah=newyearwishing.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7657292019044425

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1162a634e5b58c05d2800cd5b61a205b8727eff6d92b18475f5a97dd59663cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121980
x-xss-protection: 0
server: cafe
etag: 9061955710698764817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:35:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 699B 10 KB
5 KB 129ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7657292019044425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 21:16:27 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 21:16:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ajax-loader.gif
newyearwishing.com/wp-content/themes/boombox/js/plugins/ 4 KB
5 KB 84ms
84ms Image
image/gif 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearwishing.com/wp-content/themes/boombox/js/plugins/ajax-loader.gif

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/wp-content/themes/boombox/js/plugins/plugins.min.css?ver=2.8.5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/wp-content/themes/boombox/js/plugins/plugins.min.css?ver=2.8.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4178
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 27 Dec 2022 08:04:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcjb5Gh93TTIRsixPr9FTFnVYxkFJ7REEkHB1ddyTBuQpCEQYpjJL5g%2FUuLhsLkzN3466lXPuaOZqQEXEz%2FvYacbdRDRtbKVWmFNK5IH%2BQfB7xcdUs2YKcQiTvYDkJZmxO3LWcImQty6zyBSRyeO%2FHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7bf1682ffd833653-FRA
x-mh-tag: 16989is
expires: Tue, 27 Jun 2023 18:35:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 151ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DW8Y6BPKHP&gtm=45je34q0&_p=861665847&cid=1836427309.1682706947&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682706946&sct=1&seg=0&dl=https%3A%2F%2Fnewyearwishing.com%2F&dt=NewYearWishing%20-%20New%20Year%20Wishes%2C%20Messages%20and%20Quotes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW8Y6BPKHP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearwishing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pinterest-pro.min.js Show response
newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ 8 KB
3 KB 140ms
139ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469deec516519243a810111e147a36faa1929d647add3a1c7561c7460cac0911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axamPQgxlhaRKLBnQbzsOYhHSWZDglmvJGYmUjEb8lCdugjKfFrCOEBitUFceR4HiNh%2FjmqeasOBPByTOw5KKccyT%2FvvSwmHshm7H0SL%2BvdvFKvQxFFv%2F3R5s8c7KUKMM4wYmb7KZZfltha9LqSaM%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf16830ded93653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 subscribe-forms.min.js Show response
newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ 9 KB
3 KB 86ms
85ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d92bc401f139c2f26c2d85a3050b019bce576ba35c25fe7d6ab49000c59d55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXN%2Fsi2M9OuRrCzmrzt41oDUbTDa2XFLhEa14gE7Kk48jIE7gtKDODUcQQDdiWqaSdFgIXlqMCMqJMTHhlyVV%2F9b6Y69aDOIoJwEWewBsqvIPC3fRMPbcDZbUi5zBu8Mbeuk2BQ94283ZFg0dAgtzhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf168307e413653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H3 200 essb-core.min.js Show response
newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ 35 KB
9 KB 178ms
178ms Script
application/javascript 2606:4700:3037::6815:e8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearwishing.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:e8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f28cd857cd097e2af1133e7564e7893f0357a1699320f620b1eed60ea156b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
x-server-powered-by: Middlehost Optimized Server
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Apr 2022 10:45:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9rpCmstsNT4oXir8%2BPKLm3Z%2BfIJWPfVk5Xc%2F0KgY2MGzo%2Fpjc9pc%2BLhfWWhQGJcsCeAsKGwQMg586EZZs0KpMPIPgKfHMdh6HsiqU%2FM%2FNvLSnQzgezVEUrxia2tYtGaVHUQI50LFR4qSNoDoYt7srg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bf168311f343653-FRA
x-mh-tag: 16989is
expires: Sun, 28 May 2023 18:35:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
611 B 178ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newyearwishing.com&callback=_gfp_s_&client=ca-pub-7657292019044425

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7657292019044425&plah=newyearwishing.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1623e371c4d10830bd8a562fb0128604f2ed2c4481c9388f39a79abd2a2cd8d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 160ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newyearwishing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 148ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newyearwishing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C19F 67 KB
19 KB 746ms
744ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7657292019044425&output=html&adk=1812271804&adf=3025194257&lmt=1682706946&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewyearwishing.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682706946455&bpp=16&bdt=446&idt=306&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3926637277639&frm=20&pv=2&ga_vid=1836427309.1682706947&ga_sid=1682706947&ga_hid=861665847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44785293%2C44788441%2C44789761%2C44789779%2C21065724&oid=2&pvsid=2852151305666394&tmod=2069116992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96abaf9d8386f16f59b31f1ea2614a1ad6aa19470f9213df265b0b6a2f0d3ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19196
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 18:35:47 GMT
expires: Fri, 28 Apr 2023 18:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B0A 430 B
232 B 473ms
472ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7657292019044425&output=html&h=280&adk=2712437551&adf=2710051258&pi=t.aa~a.2066426442~rp.4&w=1160&fwrn=4&fwrnh=100&lmt=1682706946&rafmt=1&to=qs&pwprc=7445645216&format=1160x280&url=https%3A%2F%2Fnewyearwishing.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682706946471&bpp=2&bdt=461&idt=332&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3926637277639&frm=20&pv=1&ga_vid=1836427309.1682706947&ga_sid=1682706947&ga_hid=861665847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44785293%2C44788441%2C44789761%2C44789779%2C21065724&oid=2&pvsid=2852151305666394&tmod=2069116992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h5K1QDyPlN&p=https%3A//newyearwishing.com&dtd=336

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

191a9ff6f0cb2bb93b84c4b107e42f8ecf07b5bce6a1ecfa5730342d7eef6a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 18:35:47 GMT
expires: Fri, 28 Apr 2023 18:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/ 148 KB
50 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f6a7b3a1e98bb9ad794d96f36198309ce654843b8b09def9faa228c618ace8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51477
x-xss-protection: 0
server: cafe
etag: 15817400211410172721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:35:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 50ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newyearwishing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newyearwishing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame E052 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 08:41:08 GMT
etag: 2378337311435320485
expires: Fri, 12 May 2023 08:41:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 2988 3 KB
2 KB 600ms
498ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D
Requested by: Host: newyearwishing.com
URL: https://newyearwishing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.386.2 /
Resource Hash: 0d03780a2a7fc929acc62830dd83e0699cf4589b927d97d5b6105ae29a242f70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:48 GMT
x-mm-nodeid: 3350
Content-Encoding: gzip
x-mm-bid-request-time: 1682706947
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Fri, 28 Apr 2023 18:35:47 GMT
Server: MMBD/3.386.2
x-mm-latency: 456 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x28, hkg-bidder-x108
x-mm-lag: 1
Expires: Fri, 28 Apr 2023 18:35:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2988 3 KB
1 KB 142ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2988 19 KB
8 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2988 158 KB
49 KB 152ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newyearwishing.com
URL: https://newyearwishing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:35:48 GMT

GET
H/1.1 200
OK k2vt83281pvm Show response
hal9000.redintelligence.net/zone/ Frame 2988 10 KB
3 KB 141ms
42ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=1805616912292563167&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D
Requested by: Host: newyearwishing.com
URL: https://newyearwishing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b9a8e32e69c8d33d40adcb0b4fbdc195421369a4ca2e98a6b696d093ccde763c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3327
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 2988 49 B
330 B 355ms
271ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1805616912292563167&node_id=3350&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.386.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:48 GMT
Server: MMBD/3.386.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x43, hkg-bidder-x108
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 28 Apr 2023 18:35:47 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 2988 7 KB
3 KB 303ms
57ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//newyearwishing.com&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ti=1805616912292563167&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&pp=pub-7657292019044425&sr=4&de=43003&si=533374717&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:1338::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

65b44f9ee046afc02173904e77a7e0ca7451b0f561c1fc9bedb50f168f95f94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 18:35:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2998
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 2988 43 B
416 B 180ms
61ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1805616912292563167&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x30 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:48 GMT
Server: MT3 830 785530e master cdg-pixel-x30 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 28 Apr 2023 18:35:47 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 2988 49 B
330 B 582ms
499ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1805616912292563167&st=4562306&time=1682706948&nodeid=3350
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1KaE16RmpOVEV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MDU2MTY5MTIyOTI1NjMxNjcvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1N3NzcWk0YnZTcUUwUFFwVjhsQjd3OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODA1NjE2OTEyMjkyNTYzMTY3L2hrZy8wLzM4MC84NS85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjgyNzA2OTQ3LzE2ODI3MzA5NDcvNC9wdWItNzY1NzI5MjAxOTA0NDQyNS8/J4PgX99dK0IZ96lsQgpt-80A4yI&nodeid=3350&group=hkg&auctionid=1805616912292563167&pbs_auctionid=1805616912292563167&shardkey=1805616912292563167&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.91&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%26client%3Dca-pub-7657292019044425%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.386.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:49 GMT
Server: MMBD/3.386.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x27, hkg-bidder-x108
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 28 Apr 2023 18:35:48 GMT

GET
H/1.1 200
OK request.php Show response
hal900018.redintelligence.net/ Frame 2988 3 KB
1 KB 198ms
103ms Script
application/x-javascript 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0a70ee795d&subid=&uid=5f72015cf6d7fa82&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230426%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=7438925613354&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=1805616912292563167&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7d6c753f904a89a9c4393c5c9e5a0e66f6bfca843f1185e488caf64a400815e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 18:35:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 73461300163222900951395012308018
Connection: close
Content-Length: 1078
Expires: Fri, 28 Apr 2023 19:35:48 +0200

GET
H2 200 / Show response
adv.office-partner.de/ Frame 10D9 930 B
932 B 193ms
49ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0a70ee795d&subid=&uid=5f72015cf6d7fa82&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230426%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=7438925613354&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 28 Apr 2023 18:35:49 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 05 May 2023 18:35:49 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 26BC
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=73461300163222900951395012308018&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015

350 B
401 B

150ms
40ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0a70ee795d&subid=&uid=5f72015cf6d7fa82&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230426%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=7438925613354&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:35:49 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2988 2 KB
2 KB 236ms
107ms Script
text/html 18.135.113.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=73461300163222900951395012308018&nw=1
Requested by: Host: newyearwishing.com
URL: https://newyearwishing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.113.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-113-117.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cd9cb71932eb200d8ec16048fab31d643b4aa9e8e586ac30623337af6106840c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:49 GMT
last-modified: Fri, 28 Apr 2023 18:35:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 28 Apr 2023 18:36:49 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame 126A 7 KB
2 KB 119ms
40ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0a70ee795d&subid=&uid=5f72015cf6d7fa82&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_6Vp0Sujeeios96UgVAp0A%26exch_seat%3D20035004448%26mt_aid%3D1805616912292563167%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_cid%3D7ab0644c-1204-4f01-b0fa-675f3bc416f8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrI71AhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBMABT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfdXBTMYweJbH7rrmfmdi_YfOJut0Pkw9a4HSYzu8T0x3OZpTxsZp2S77gAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_12YsTggoqpW4J_2Xw96aWhDId39A%2526client%253Dca-pub-7657292019044425%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230426%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=7438925613354&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3442d8f0a4e35fe3039441feccbc5dfee5eb355181eead82bff123345aefc637

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2019
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Apr 2023 18:35:49 GMT
Expires: Fri, 28 Apr 2023 19:35:49 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2988 43 B
702 B 265ms
111ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=73461300163222900951395012308018&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 18:35:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 225ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?oz_pl=1&r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&psv=2.91.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//newyearwishing.com&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ti=1805616912292563167&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&pp=pub-7657292019044425&sr=4&de=43003&si=533374717&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:1338::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.91.0/ Frame 2988 171 KB
54 KB 57ms
57ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.91.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//newyearwishing.com&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ti=1805616912292563167&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&pp=pub-7657292019044425&sr=4&de=43003&si=533374717&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:1338::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55047
Expires: Mon, 04 Jan 2055 17:29:10 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 58ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?oz_pl=1&r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&psv=2.91.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//newyearwishing.com&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ti=1805616912292563167&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&pp=pub-7657292019044425&sr=4&de=43003&si=533374717&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:1338::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 css
fonts.googleapis.com/ Frame 126A 5 KB
769 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 18:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 17:39:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 18:35:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 126A 25 KB
25 KB 121ms
42ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d14e3b542a2d4d5084b21beb1e78f4679f5d2a02329503940a070ff90a03d810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25829
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 126A 20 KB
20 KB 213ms
134ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7a1935e482162d25778a09c52585b4c0c6ac601c5a574cc20e9415682c2276d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20626
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 126A 27 KB
27 KB 119ms
41ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dbae5942d10f58a93a1f9cca18541b6023908ab6182b9ace8f6af1127ac98249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27271
Vary: Accept-Encoding
Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 96ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706949210&oz_l=407&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2988 85 KB
31 KB 193ms
83ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=73461300163222900951395012308018&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 05:34:41 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 46869
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: z3_B28mpBC0TirG4iyzRsJjKhPhSZJX_11msoXnjgwNc3hZ6xXZz9A==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 2988 3 KB
3 KB 154ms
42ms Image
image/png 65.9.95.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1682707249&Signature=bYxGVJbd9wOZPBUaETL1j-P0e-JZE2rrqngaYFedbptLX5IUKCsVwDw1nf63ZguOh~~ZKjTLP0EQ1YC3fI3TkBhwCVawf1Z44xx6E5mKv69ppvpDfcgkHM-~lSXXNSC5leelCR5fiAeXBfvPBEmtXDsyAueJl8if59C714fVmra-tNBYtBq~Zpz~YsMgRSOqLiImXJqfhdn9p7O~kvCo6vERa0pq7IxALuoaf0PrEVvRlICTPV0mfKEWFXnVdpeXeBKWQ3yfJlw6Bau3TE~cUyHGWGWzMXbD38hmyUsfQ4hA-UYv1CHzHDa5Qr1d5o~1pRbuS4EP5XBsXLoLv3R56A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-73.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 28 Apr 2023 02:44:04 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 57193
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: LyBLSUwuP4ZMtGZJJ6t1rz71Vh4vOQWNX3mFjJusTS8dVH1yDLpSgg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 10D9 107 KB
41 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ab02a06e9918d20f2f633573668b4bde7fc28442a3ce0c83a0dfed5d3852bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41891
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 18:35:49 GMT

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame 126A 0
150 B 120ms
41ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=73461300163222900951395012308018&a=d366fdc0&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
BLOB 200
OK 68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e
https://googleads.g.doubleclick.net/ Frame 34D0 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706949403&oz_l=4979&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 58ms
58ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706949580&oz_l=6490&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:49 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 26BC 5 KB
5 KB 38ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2656337015
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:49 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 91ms
90ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

283b91658dbafa7cb9efeee3a8c42115aba7ecab9b9c5d455c54d23e8e8014d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11175
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2988 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 402954ea2b947e058ef20712d3c05394f23a9ea5acd4e0afa0b50ede508681cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2988 0
23 B 160ms
160ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy5pwAhJMZMaAPMacqAGjuLS4Ac-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTc2NTcyOTIwMTkwNDQ0MjXIAQmoAwGqBL0BT9BAqKzaG8SF5CTsEap1GkMyKCIYkYKXbQvsJbtJvyPzAHNOMt9lauHH84R41yeWto7BxmMgHW75XuW00EF5YoE8xuhiMmC8N4lrUsS0bz_ioipiZbIA_1cAa7V2MuCMz8H1pXWAWY0PzDY85OwfSGQiE1HX-Int4OsfGL8NM9skxcSz9OydxMd6NNglUYD-PpUFvMpyfZfDbVScxDLAYx6u1b8iUnfTMuHINGIlijwSI5RG7lJbITTKesHkgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NjU3MjkyMDE5MDQ0NDI1GAA&sigh=GWvJbb4_sIA&uach_m=[UACH]&cid=CAQSGwBygQiDOlCWAD6d5czRnVQuaVcW5tAljharxRgB&tpd=AGWhJmtIqbaVlOGfXLHanMhMLr8mtGK0tNb7JGupHE4O_Ufn4erNhOHaUMbJHYXW26rRfCSipgqnYYpNJ-fcVftwblQhXtNAa4r1Hlb2Tro28SrU4PPjHQZZq_rBCLY-vy2vyNzgqsbMS17HCvQtrxApvod4uGjh1ys3e4y85ZrFN8BLZv2uQSOSq4dhXj_8b796Cq925Z_jSTuwmXG7hLzUAHQi6Vi954LGVGIOItvYAAlfUGK-fMJgPvnhn-gHiZ1qfJi411RP_6noOQ6oeIFLfZh12d6dYTUp-PZJxppaHToDMYqM1ty59QROFzItzXK_B2c7phl17p1OkGvMrWN7s0lw5cr_RqWb9QrYjb6KGOMSIWe9lDcha3PqzL4jUc7wjAqRRHSsdHB44VzJW5bBckX1qYYt62FiTzWO9k4SKCtIfy-N3TxlOqzMbZI_lhnH3i3Xdu60fqNYrM7UGBlz_ftU5gvwcfUUPjoSzHj6A4fn2NsTq-_z_PerjUua6oOJQZOFiQ5oahu2LGGwUttL60mlfmW7SaMi6A0OkDbTgXklWR2OO5VyGgNwUUSjXJnRtyK5m326m6plN18XwPiE2lyICeDJ7jCShGnejKGSiefsQwn6pfZQa4ENpF6FHE2iYNIeirpY12mcQUYt0fY_o0xZOmjUm20384NG-xgK8UB-8_AeVlfitu0O97jUG6oeHLs3cQBnq2cDEk8eCWrDuRxyhKBa8KDBMb6n0-WpSgSWFFSKB12FBq08Y0z0zzV-D2yuQ263E6jQO1xszrvQrN3JXhjou82OzRNpfeX0Mr_CkRp9S2auUgXuBqtpPrdjCx_8YglOdXTz-dXIMICAFH2KxEZEButqkTHyIiz1f6g5Mvs5yqovrsd7GSzpqcuTZGbP1shLbkGM8DpFso2xFiCaGm03x84cGD_QT6e8Sk2TcHOxCCyLoK8PBjgRnhO1rIMpShtoogZzJKQVuNVxR4GOrUtwG_zcyhVjHmr0EFkBaxBLa8myw6WJsd_NNrsRNtnekR3wMf5gt7s4dc8f5d-ErGI1bMhaMw9QhHr7s_6i0deJ63DefSmkPy10s0pHfG8KmV5TsBOxYsGASYIhtp8RjouI5JOlZsKInIEkwQTVngO9aVYbig&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 18:35:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 18:35:49 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 126A 13 KB
13 KB 181ms
181ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900018.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 03:23:58 GMT
x-content-type-options: nosniff
age: 54711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 03:23:58 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 126A 13 KB
13 KB 177ms
176ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900018.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:12:56 GMT
x-content-type-options: nosniff
age: 91373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2024 17:12:56 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
55ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706949758&oz_l=454&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:49 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 18:35:49 GMT

GET
BLOB 200
OK 25f8ba87-a7a7-49d4-8d55-ee6e3b757e5f
https://googleads.g.doubleclick.net/ Frame 2988 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/25f8ba87-a7a7-49d4-8d55-ee6e3b757e5f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65c876916342706407c80d81b27b17937b0551c1c94267ff20ffc0fa9930b395

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 802
Content-Type

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DED 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 09:25:38 GMT
expires: Sat, 27 Apr 2024 09:25:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6336 783 B
1 KB 159ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e72260fab7c6857b35e3668947fa4acb8971451b787af9b44a0a5f95843ec9e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eBcDRCPl4sb2il1as-W8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newyearwishing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-eBcDRCPl4sb2il1as-W8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 18:35:50 GMT
expires: Fri, 28 Apr 2023 18:35:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706949910&oz_l=750&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:49 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DED 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 09:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Apr 2024 09:57:47 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706950238&oz_l=4563&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:49 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6336 0
0 141ms
140ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=2852151305666394&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2988 16 B
232 B 79ms
79ms Fetch
application/json 52.56.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.54.153 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-54-153.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 18:35:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 152ms
45ms Preflight 52.56.54.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.54.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-54-153.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 28 Apr 2023 18:35:50 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4DED 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1rK9zw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:35:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706950418&oz_l=167&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:49 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/ Frame 2988 0
145 B 56ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.91.0/619621/AfeJ3ecCEePDEqbs/postback?r2=&r3=&pd=avt&di=https%3A%2F%2Fnewyearwishing.com&pv=c727aafe-ea7b-4251-9a5c-967772d7b0c8&sr=4&dm=160x600&c1=4562306&ui=6ba31c51-0000-0000-0000-000000000000&ap=&ai=216536&pp=pub-7657292019044425&de=43003&si=533374717&ac=651871&r1=2a01%3A4a0%3A1338%3A%3A&dt=6196211556140246740000&ti=1805616912292563167&cr=6622324&ci=619621&sid=AfeJ3ecCEePDEqbs&oz_sc=666892ff1a7a759993d9a40c&oz_df=1682706950575&oz_l=397&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.91.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Apr 2023 18:35:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame 126A 0
150 B 120ms
40ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=73461300163222900951395012308018&a=d366fdc0&vb=v
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=73461300163222900951395012308018&a=1bfaae99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:35:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 148ms
147ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=2852151305666394&bg=!ZmWlZTHNAAb9Sbh13Uk7ADkAdvg8WjLEElln1UcXCMUkg3ft-9UZMDBesB6kx1FFV6u8znf5TNQ5aMgUxbaMFAcUdzLWs7pjdQoCAAAAk1IAAAAKaAEHmQL1IMX2qNpwrQpfuACLNGdunQNDvhs4JPstxNTKIcIn40BvePZ337f5bf4cGn7A7nZLd1t-j91oBkdvE16l5RvagILIBmnPSe9nujYxlVNIiyb0VAEKLWUyn9hu1sRQGwg4J_4ihY4legxjUHItGYu8auAzUoCfOAF_pKf1YcjUhGqmzc5eg_-EBm6zBJCriTADdV7yepw1AKSX8rerU8YIPoDpKqAMIikE9WwiMBIwLEYiN5FuLJqpnOMW62CfHAik6_PD86BXfSqCeAdDRZaukI9lU7uk2yDcVe9lcTNaKctpbiAW1HOoYvzvly0fkbsF7OH_pF_-yAh3u-B3T47-ZRaArGgg9QAq5GuH200i0SEfUyC69Ro9AFAqbm_I0RfL5YTn82hqqqw092-DFaZibjKYwuwmn_LIGWaImEhrfvxZYVkYCcBH1bxiPH8DT9YgaOOuTadW9-zqq_QRuh65NeG6NG75tARBTpjil9IgHujbprMOz4xqQP64Hg2koS7OO6A5rgybaNrZsoBCdDu--0HGsExmfwuEdOZ41mP-sIQowJBypHYFT0XhUKDIi7FyfWyhhhYJETRdK3Xn7q8dn5XAlsualwHCWG2QvPhd_j8nQ2UKZThpXZnu4uZN2LAy-CxnJMM6FTpHCAkankvUetCA9L8VEtoO-AMDL7aIzScQ8_W4xEXaSnqGisd5wWkAE99ERsHltnY7ktYNo_wUKWLa8GkqL96uimi2aP4puMfP-1qOHtF17btAuNqEUi1KSOUNP-7vem-LCGEZSKSeTu32U_jRID9tjxEghSBiDIi0K-8gy4edc0zUSTvFD2H0eovGK8PSE-f2zU9AMge96TOS1ZudqbzitZqev0dqxE3JJliFwvQz_HF-WJajQlKAkXao2llvsDRw12Y_c7m8C_fVKXS0i9OE566B4NIlSIgZFNVmqpAxN-kIXHcdrASvWegYZ109IcHCIgU3SqVSM1foWSh6AV_2I-aMoUah1tW87AY-ag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearwishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newyearwishing.com/	1970-01-20 21:01:06	Name: _ga_DW8Y6BPKHP Value: GS1.1.1682706946.1.0.1682706946.0.0.0
.newyearwishing.com/	1970-01-20 21:01:06	Name: _ga Value: GA1.1.1836427309.1682706947
.newyearwishing.com/	1970-01-20 20:46:42	Name: __gads Value: ID=bed2e10865c9bca6-2205baf5afdd002a:T=1682706946:RT=1682706946:S=ALNI_MbzOaJFek4lREV840hWxJXyNJ3zxA
.newyearwishing.com/	1970-01-20 20:46:42	Name: __gpi Value: UID=00000bf1b6b7e947:T=1682706946:RT=1682706946:S=ALNI_MZh36yWaY2YGdr-o_f8aPzMoeynuw
.mathtag.com/	1970-01-20 20:10:42	Name: uuid Value: 7ab0644c-1204-4f01-b0fa-675f3bc416f8
.awin1.com/	1970-01-20 11:27:59	Name: awpv22610 Value: 296283\|1682706949\|7f29c192-e5f3-11ed-89a2-223974343f8d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
.office-partner.de/	1970-01-20 21:01:06	Name: source Value: {"webgains_webgains":{"timestamp":1682706949357,"clickCookie":false}}
.retailads.net/	1970-01-20 12:08:18	Name: ppb2172 Value: 2656337015
.futalis.de/	1970-01-20 12:51:30	Name: raSIDb Value: 2656337015
.doubleclick.net/	1970-01-20 20:46:42	Name: IDE Value: AHWqTUkDeTdQHPSVr8QzRcfSImbGLE4MYyehCKuTW-rw-HEb9Z51pfHMUw7RLkJ5Su8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/68a7e85c-9c1e-4049-b3ac-2a38cdbf5e4e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.track.production.webgains.team
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900018.redintelligence.net
newyearwishing.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
region1.google-analytics.com
s.update.mediamathtag.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.102.45.165
138.201.64.38
144.76.91.199
18.135.113.117
18.203.96.5
18.66.147.41
185.29.134.249
2.18.233.201
2001:4860:4802:32::36
2606:4700:3037::6815:e8f
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a01:4f8:d0a:2321::2
2a0b:4d07:102::1
49.12.16.151
52.56.54.153
65.9.95.73
0017583d65b4e48163cdd60eaa66c6afbf3035da61bc0a7be66f819f042360c5
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
0d03780a2a7fc929acc62830dd83e0699cf4589b927d97d5b6105ae29a242f70
1162a634e5b58c05d2800cd5b61a205b8727eff6d92b18475f5a97dd59663cae
1623e371c4d10830bd8a562fb0128604f2ed2c4481c9388f39a79abd2a2cd8d8
191a9ff6f0cb2bb93b84c4b107e42f8ecf07b5bce6a1ecfa5730342d7eef6a70
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dc014d3dea66bfd897ac7ed3a76388376af10d884bb6e5512ac4ecd6d6ea961
1f565f46711b3ba86b5ec12b6098509ceaad7279bbe3d65ead00a134a8eeea54
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
283b91658dbafa7cb9efeee3a8c42115aba7ecab9b9c5d455c54d23e8e8014d0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3442d8f0a4e35fe3039441feccbc5dfee5eb355181eead82bff123345aefc637
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3f15372a7ab0e5b96bdc7be6d1dce4ff1f1b34ab33e752f6c63a4ace3daedae2
402954ea2b947e058ef20712d3c05394f23a9ea5acd4e0afa0b50ede508681cc
45f28cd857cd097e2af1133e7564e7893f0357a1699320f620b1eed60ea156b9
469deec516519243a810111e147a36faa1929d647add3a1c7561c7460cac0911
49aa12a2e2c3fd24c075aac5b14e6f82d708bb7824a5d77abbcf9ab38e10f49b
4da740c53156ae7c3240956627edcf544490b6b9db385351cfe87edb40a5deed
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
585fa1510e4e3c2310664e3a422d5f9ade3069e7ac6dce79b523411e469a6aac
59597f230f3de79e0242afff86272726005d4a13aaa74811f31433fb754c4ea5
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b2858ae2b76e2f901540c435bd9dd2ea8dbc47a0bbd5f2d8357d787e39673fc
5ff25d2cc5465194bea989e31a21e4399a43fc2cb910a30c77f72856a2e0e0b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645f47bbb252c78156cdc7722c505866190fceecf763d77e1d2d5e6fae793856
65b44f9ee046afc02173904e77a7e0ca7451b0f561c1fc9bedb50f168f95f94e
65c876916342706407c80d81b27b17937b0551c1c94267ff20ffc0fa9930b395
746f8b5b13f18dd1256fce39eb6a6b568e182d36ad66e0f415b844f3c11a9743
781a861bd17f38bc7c1b821f6cc1cb6d79379e8669be4275c28d22eb0cc02cf5
78b48f2393a893d55b23ba7bce0ed757cb080b449ba3dbce4e6127db31129f9d
7a1935e482162d25778a09c52585b4c0c6ac601c5a574cc20e9415682c2276d4
7bc65b9b935eee5be74ed156fd16e55e9bbfd127cd3341208e7d4fc64addc1cb
7d6c753f904a89a9c4393c5c9e5a0e66f6bfca843f1185e488caf64a400815e1
7d92bc401f139c2f26c2d85a3050b019bce576ba35c25fe7d6ab49000c59d55d
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
8239e2a27378ad368bb01a52fa3687440ecc4098e72866376b573814fd06be06
89c88ff357737bd35332beebde4eebfa7d7ad0fc83e7814467dacfee71a5f86d
8b3be9a5b8269677af77000949595985afaf9571615226179046180c31a58e6f
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8cebea48250e2096307c506a9e57ecdfa22c25cfc493feeb03d2dd004c547101
8f6a7b3a1e98bb9ad794d96f36198309ce654843b8b09def9faa228c618ace8e
920d1596720db604998111e1e7d9791a7e0920364924375060df15c6db6bb80e
92ae4e84bc78354fa23b9f0a45989817fe6a2242af3be667e0b9907903e568b7
96abaf9d8386f16f59b31f1ea2614a1ad6aa19470f9213df265b0b6a2f0d3ff3
96ac7c975bbacd295c8e50da5a8229ce0ef66936a05a46b9ebdaa6044a76fecf
97ddf44704c93f670e08c0074597de17fda37f4b2509a749be37ee0da41b50e7
9816312cc4ecbcf6b4b7bec51bd1686c85805773921bcc46d9a0ddce3871c150
987f8028ee3c51a8115d655bc725c0478c7751fd9a085814563867a7a9008079
9ab02a06e9918d20f2f633573668b4bde7fc28442a3ce0c83a0dfed5d3852bd5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9eb6306fa4de7483dc1355f640468fd4b9eb9d7e62651b3e5179fbb2bcad835
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c108e114f6e4616fcb5066c02a84d1eaa13ef73bfc58d2f11dd6531918adbb
b4e66cb91c3dbc344eeb5552cb1c1689e60c671587a9271a35cded7c492d3657
b726d30778d57eba591d763e65bca6000b4039fc32f9f351aa3e88b7de260b97
b9a8e32e69c8d33d40adcb0b4fbdc195421369a4ca2e98a6b696d093ccde763c
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd9cb71932eb200d8ec16048fab31d643b4aa9e8e586ac30623337af6106840c
d14e3b542a2d4d5084b21beb1e78f4679f5d2a02329503940a070ff90a03d810
d68678fa18208e9aa8cb4f556567ecd0aef601f4d831496133b7b97a5ee67bbf
d9382c9e52136de9701232437d4733e9dc9b8ff952029d84155d1261297cf480
dbae5942d10f58a93a1f9cca18541b6023908ab6182b9ace8f6af1127ac98249
dcac735394b93a96ba0e7d8ad1e6b29bdff2da88a1ed41a448db3a3108b50082
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72260fab7c6857b35e3668947fa4acb8971451b787af9b44a0a5f95843ec9e0
e7276f6b63b427c8fb125446589d4f546d88487d2691b5171db9d3b74f5cbdac
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ed4c159ea7e346114dff82e7fe4820be7112f2f1b4a3b1c1d742a8d927eed140
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f15800c17020e395b4adcc9ed7a0cdfd94366b9180e28a5572252f08ffadee

newyearwishing.com Open in urlscan Pro 2606:4700:3037::6815:e8f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

98 %HTTPS

54 %IPv6

21 Domains

26 Subdomains

25 IPs

5 Countries

1694 kBTransfer

3581 kBSize

11 Cookies

1 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyearwishing.com Open in urlscan Pro
2606:4700:3037::6815:e8f Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

98 %
HTTPS

54 %
IPv6

21
Domains

26
Subdomains

25
IPs

5
Countries

1694 kB
Transfer

3581 kB
Size

11
Cookies

111 HTTP transactions
1 data transactions