URL: https://www.123greetings.com/
Submission: On August 21 via manual from IL — Scanned from DE

Summary

This website contacted 74 IPs in 11 countries across 48 domains to perform 334 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 355681.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 184.72.245.68 14618 (AMAZON-AES)
22 8.249.63.252 3356 (LEVEL3)
15 8.238.176.252 3356 (LEVEL3)
18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 34.248.176.243 16509 (AMAZON-02)
1 3 52.207.17.235 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
5 2600:9000:249... 16509 (AMAZON-02)
26 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
14 2a00:1450:400... 15169 (GOOGLE)
3 5 142.250.186.34 15169 (GOOGLE)
2 13 104.18.19.126 13335 (CLOUDFLAR...)
3 8 185.89.210.212 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
6 44.224.187.254 16509 (AMAZON-02)
2 172.217.16.130 15169 (GOOGLE)
8 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
14 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
11 107.22.163.220 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
8 2600:9000:225... 16509 (AMAZON-02)
2 18.206.3.164 14618 (AMAZON-AES)
3 23.35.236.201 16625 (AKAMAI-AS)
2 23.47.209.6 16625 (AKAMAI-AS)
3 52.222.209.55 16509 (AMAZON-02)
6 37.157.4.24 198622 (ADFORM)
2 185.167.164.39 198622 (ADFORM)
1 185.94.180.123 35220 (SPOTX-AMS)
1 3.70.79.214 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 51.89.9.254 16276 (OVH)
4 3.68.18.37 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 52.46.128.147 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 35.169.163.246 14618 (AMAZON-AES)
1 1 34.111.151.213 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
1 2 169.50.137.182 36351 (SOFTLAYER)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 185.89.210.82 29990 (ASN-APPNEX)
3 35.172.49.77 14618 (AMAZON-AES)
1 216.52.2.30 32475 (SINGLEHOP...)
2 3.126.56.137 16509 (AMAZON-02)
1 150.136.156.92 31898 (ORACLE-BM...)
1 1 213.19.147.45 3356 (LEVEL3)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
5 35.157.246.167 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 104.18.18.126 13335 (CLOUDFLAR...)
2 92.123.9.160 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
1 151.101.65.108 54113 (FASTLY)
1 1 103.229.206.241 30419 (MEDIAMATH...)
1 52.30.152.75 16509 (AMAZON-02)
1 1 34.95.81.168 15169 (GOOGLE)
1 1 64.74.236.63 22075 (AS-OUTBRAIN)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.183.112.148 60350 (VP)
334 74
Apex Domain
Subdomains
Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
434 KB
37 123g.us
c.123g.us — Cisco Umbrella Rank: 427586
i.123g.us — Cisco Umbrella Rank: 214572
x.123g.us — Cisco Umbrella Rank: 685912
904 KB
30 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1628
track1.aniview.com — Cisco Umbrella Rank: 1761
go1.aniview.com — Cisco Umbrella Rank: 4914
play.aniview.com — Cisco Umbrella Rank: 15536
sync.aniview.com — Cisco Umbrella Rank: 2462
518 KB
24 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
373 KB
21 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 21948
static.avantisvideo.com — Cisco Umbrella Rank: 22575
events1.avantisvideo.com — Cisco Umbrella Rank: 21661
cdn1.avantisvideo.com — Cisco Umbrella Rank: 26692
avm.avantisvideo.com — Cisco Umbrella Rank: 22564
124 KB
18 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
374 KB
18 123greetings.com
www.123greetings.com — Cisco Umbrella Rank: 355681
s.gk.123greetings.com — Cisco Umbrella Rank: 562564
65 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.eu.criteo.net — Cisco Umbrella Rank: 7955
csm.eu.criteo.net — Cisco Umbrella Rank: 8150
130 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum.casalemedia.com — Cisco Umbrella Rank: 1387
14 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
267 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 463
acdn.adnxs.com — Cisco Umbrella Rank: 604
26 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
web.ssp.yahoo.com — Cisco Umbrella Rank: 1859
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943
2 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 3944
adx2.adform.net — Cisco Umbrella Rank: 249875
2 KB
7 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
eus.rubiconproject.com — Cisco Umbrella Rank: 582
token.rubiconproject.com — Cisco Umbrella Rank: 711
12 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
1 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493
image6.pubmatic.com — Cisco Umbrella Rank: 634
18 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
244 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 304
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
46 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
734 B
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com — Cisco Umbrella Rank: 1405
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
224 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 450
sync.search.spotxchange.com — Cisco Umbrella Rank: 521
2 KB
3 gstatic.com
www.gstatic.com
15 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11704
ads.eu.criteo.com — Cisco Umbrella Rank: 7878
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10157
56 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
20 KB
3 trkn.us
trkn.us — Cisco Umbrella Rank: 1994
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
841 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1795
casale-match.dotomi.com — Cisco Umbrella Rank: 2647
588 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
650 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
2 selectmedia.asia
tg1.selectmedia.asia — Cisco Umbrella Rank: 32171
play.selectmedia.asia — Cisco Umbrella Rank: 29558
7 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
914 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1370
307 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
317 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 2596
269 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 504
430 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
682 B
1 tremorhub.com
p4dt2-ha1hf.ads.tremorhub.com — Cisco Umbrella Rank: 98040
421 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 942
457 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
243 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1099
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 745
380 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1774
367 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1642
546 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
265 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
648 B
334 48
Domain Requested by
26 tpc.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
s0.2mdn.net
21 c.123g.us www.123greetings.com
c.123g.us
18 cdn.ampproject.org securepubads.g.doubleclick.net
18 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
16 s.gk.123greetings.com c.123g.us
s.gk.123greetings.com
15 i.123g.us www.123greetings.com
c.123g.us
14 s0.2mdn.net www.123greetings.com
s0.2mdn.net
13 player.aniview.com tg1.selectmedia.asia
player.aniview.com
cdn.avantisvideo.com
11 track1.aniview.com www.123greetings.com
player.aniview.com
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
8 static.criteo.net ads.eu.criteo.com
8 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
player.aniview.com
acdn.adnxs.com
7 pix.eu.criteo.net ads.eu.criteo.com
6 adx.adform.net player.aniview.com
6 events1.avantisvideo.com www.123greetings.com
6 www.googletagservices.com c.123g.us
securepubads.g.doubleclick.net
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 www.google.com www.123greetings.com
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
www.123greetings.com
4 c2shb.pubgw.yahoo.com player.aniview.com
4 prebid-server.rubiconproject.com player.aniview.com
4 onetag-sys.com player.aniview.com
4 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
4 www.googletagmanager.com www.123greetings.com
www.googletagmanager.com
play.selectmedia.asia
3 sync.aniview.com player.aniview.com
3 c.amazon-adsystem.com player.aniview.com
c.amazon-adsystem.com
3 ads.pubmatic.com player.aniview.com
3 www.gstatic.com googleads.g.doubleclick.net
3 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 trkn.us 1 redirects www.123greetings.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ups.analytics.yahoo.com player.aniview.com
ssum-sec.casalemedia.com
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 1 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
2 hbopenbid.pubmatic.com player.aniview.com
2 adx2.adform.net player.aniview.com
2 js-sec.indexww.com player.aniview.com
2 go1.aniview.com player.aniview.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 googleads4.g.doubleclick.net www.123greetings.com
2 static.avantisvideo.com cdn.avantisvideo.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.123greetings.com player.aniview.com
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com player.aniview.com
1 token.rubiconproject.com eus.rubiconproject.com
1 eb2.3lift.com player.aniview.com
1 htlb.casalemedia.com player.aniview.com
1 p4dt2-ha1hf.ads.tremorhub.com player.aniview.com
1 web.ssp.yahoo.com player.aniview.com
1 csync.loopme.me 1 redirects
1 sync.1rx.io 1 redirects
1 sync.technoratimedia.com player.aniview.com
1 ap.lijit.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 bttrack.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync.extend.tv 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 match.adsrvr.org ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 web.hb.ad.cpe.dotomi.com player.aniview.com
1 tlx.3lift.com player.aniview.com
1 search.spotxchange.com player.aniview.com
1 play.selectmedia.asia player.aniview.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.123greetings.com
1 tg1.selectmedia.asia securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 x.123g.us c.123g.us
334 90
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2
2022-03-01 -
2023-04-02
a year crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2
2022-08-13 -
2023-08-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
gk.123greetings.com
R3
2022-07-19 -
2022-10-17
3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2
2022-01-19 -
2023-02-20
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
wl.aniview.com
R3
2022-08-15 -
2022-11-13
3 months crt.sh
*.avantisvideo.com
Amazon
2021-11-24 -
2022-12-22
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-02 -
2022-11-01
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-03 -
2022-11-05
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-21 -
2022-11-23
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2022-03-11 -
2023-03-29
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-05-31 -
2023-07-02
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-11-30
6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-17 -
2022-10-05
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh

This page contains 44 frames:

Primary Page: https://www.123greetings.com/
Frame ID: 9BD3F3D5260F509F170FE004F6619E74
Requests: 131 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Frame ID: 55B527CCD32DE027CE22428BBA084187
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1661064608&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661066691051&bpp=4&bdt=961&idt=136&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8422478875451&frm=20&pv=2&ga_vid=993154516.1661066691&ga_sid=1661066691&ga_hid=868272161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068945%2C31069003%2C31069050&oid=2&pvsid=220171858650801&tmod=914366382&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156
Frame ID: 1F0782B476CC2AC39B3AD21B744BFE37
Requests: 1 HTTP requests in this frame

Frame: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81093219F877948BBF304A7BA6273439
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa
Frame ID: 2FABD81B4F05B227A4BFF40AC13A8CCB
Requests: 1 HTTP requests in this frame

Frame: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96CA1423A8A40E9A75A6CFEA3C151DE0
Requests: 15 HTTP requests in this frame

Frame: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9651BFC4E654C342A8BBDC2D6060C7E1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 736AF366D526981C2597B24E98D1689F
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 800A32820F4B155B7BFE800C2CCFC3D7
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: CD106B4510F8F691910B06C9DB7C50DE
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFbZpKQsoiIC7RiNIrBks3F5MLONnzVw-Mzptrzg5XsqMShYxqnCjv00_iL_ZBgVFFnlBxnW7kzPxOo_izwFZ5vAm-BhE9xLxRZXDV7HSVTM3fLqY74pfRNqe89fT0TgxC3Ve5ZWz8CIyhe1lMHjbUqynX9FAaV8YJH5KE_0DDo1NQs1qgNtQezkEQYtTT4UdDn3vu7vOySGtvpfHa3JUxlIBz0C2bS7MZjXOAFrz02OyzUJzfE1yv-1pEL28lL5sNKa95pWW7vBbxV4upIfH7Qw7KNQXSwcvq13Ng101rbCxMRs8f0n8yfXnmM3M0eYMjjmSahKge0mVXjVkM0rkya4C0Uc3U&sai=AMfl-YTFutUNEajLe2-17OdJbxXBQfFykD_ICVN62aCPh8YKYWPRgbi5KSehXu-71cYQDULdmISc3IT5y2QbXzLAyiWMQMVixILsSkQfFHEZEZA0m-3Wx6Vi2kbXzRmhQ3WN6nc&sig=Cg0ArKJSzF3LMMPhoga3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C7425326A640BC3C7A5EAB0E90F0F54D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoToyCYyeXaZm9cNzj5lA-vI_DY56quV4YOEl-qVwoMvtkvKNb0kFsgSdlONHxz104SaZW50uYYFJD7Rtc-hs7Q4CCFxZhXlMspQ32YPUO6OLTT7lLvgZ6DPnYcZ4pFcsBMCXlOc0lxMHfOgoFUANLNJbfS_5gQbYrMEWX7527AJ5HNsgoL3cfnlLeWh2zduMTnri2lwCBIIvH1WkjVXkxyzNPW0azADjz9XD5F9y5-8c72B0wDf-2QlIjHeqC0BSse7TIxEkYb0Qifj_x06na8X1Z7lxm3mjmvc_AUGMPnnI8qMKgo5PTERoHCouK0ydnBCEzLTRaBxKZ5J5Caxmc1iMYMOf_R32NkADeeIQR&sai=AMfl-YQai5E43tb2nKnLlWSvQ_9DB-iQh6iAF-PwYoWymAS3vaovEt8kQwhFTivRf9Q4qW8x1_dow_GGnI9kcge9oegNQDIniV9JCdG1u18eGDv6SKpNszd72cMzNI-55J92WA4&sig=Cg0ArKJSzJ-ni_iQx-OPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C4B16C38B7060F40296ABC58D3570EA8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Frame ID: 8E4E8614EC451B380B7067635E5DE488
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 6FC76936ADB46E1BF340FF7905231FDB
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 848123395ADED96606090ABDC2745BE5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FD1B3BA9DB9A9B96B3C8E853B9515E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 627AA3F3CE3DEE3535186DF068B65101
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Frame ID: FEE4B13F94B535B530CF4AFAD73DD626
Requests: 15 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: CB4CE370AF7E25DB2E0F0A638A68650B
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5AB41593134AA81827D971BB8EBBD14A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D7A60FEDD931CA9A000E4B88EA60B6E
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Frame ID: 1FF0F9603DF7230A87658333E696730D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: 610AB0A729D897E46A3A1B8CF1787648
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: E8BC017C10A333CB27456C38A74F0B5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D1%26key%3D
Frame ID: 45A21DA345F1E60D49FD804D67014742
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5B5F4D4EB55B65C9745B3F474B2598BE
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 2C15702908F571ACC31EBE171BEB9ADE
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B57AC6D03BC7F83827EC3953D2A30A40
Requests: 10 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: EC9546D76E46A5AEACD13431BF15204D
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=55&key=5767656312680619575
Frame ID: 7157BA30F27B917D297CB26B0C1BC522
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D18%26key%3D%24UID
Frame ID: 4A81A48E2CA414E8CC5FB48842FBB202
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 9C8B8E62341DAE824463004BB0959D86
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1661066686835-942884431016-005728-010-002488&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: B52B34CA31D41E4AF0E8ECE64C3F1C6E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=200&key=OPTOUT
Frame ID: 5395B093E64F5F2736C264CDD4EB7B89
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=56&pid=59c9148628a0612da3689288&key=3843a3ab-7937-4484-9d7d-8e19fe29a77b
Frame ID: 3A769B6381B9C8A8E6FEA6758A53B891
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Frame ID: DA97530CCA3AF30E48574BF1B2F942B3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661066694025
Frame ID: 535327CFD2A1196C1262F7DF8CAA2A41
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5B71F54AE2F9E9E6BE581FB14B05F8C9
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9ED99962B8374D2A4AFC1742339F6184
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F3DB242A6AA9A80A63FAFC768A826F3B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661066694821
Frame ID: 457E52111FEB35ED12FD3468B5749032
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 720B885DCCA31E35BDD2DCF66364F3B2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0C0E7B5556055F5550B8AAF5AC9EAA3C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7846BD68A329127BCA70FFD01703CBA0
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Free Greeting cards, Wishes, Ecards, Birthday Wishes, Funny Cards & Gifs | 123 Greetings

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

334
Requests

95 %
HTTPS

38 %
IPv6

48
Domains

90
Subdomains

74
IPs

11
Countries

3887 kB
Transfer

10213 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=146.70.117.78&cuidchk=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwHdvduxuzzLFK8kCC-6MgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ32ZfFWJ3qY8c1yu9d8Fwc&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ32ZfFWJ3qY8c1yu9d8Fwc%26google_cver%3D1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NzY1NjMxMjY4MDYxOTU3NQ%3D%3D
Request Chain 282
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=5618673c-2122-11ed-a411-11482f420106
Request Chain 284
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&dcc=t
Request Chain 288
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ad8578e5-3978-4943-9f8d-869cf1e0faed
Request Chain 289
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3d35da27-919b-68eb-8992f18f
Request Chain 291
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 299
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=55&key=5767656312680619575
Request Chain 303
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=200&key=OPTOUT
Request Chain 304
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=56&pid=59c9148628a0612da3689288&key=3843a3ab-7937-4484-9d7d-8e19fe29a77b
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=de746301-ddc1-4300-be28-eb1dadf32822&gdpr=1&gdpr_consent=
Request Chain 344
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=09f6f17f-9f18-49ef-a57b-098c81dac323
Request Chain 345
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 346
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661153089&gdpr=1
Request Chain 347
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

334 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.123greetings.com/
36 KB
9 KB
Document
General
Full URL
https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache /
Resource Hash
7912141e701d5851c8305309de2b4377dc69907bbd364f6cfbb08a09e810e85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
644
Cache-Control
max-age=900
Connection
close
Content-Encoding
gzip
Content-Length
8470
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 07:13:59 GMT
ETag
"8e90-5e6babde8a800"
Expires
Sun, 21 Aug 2022 07:28:59 GMT
Last-Modified
Sun, 21 Aug 2022 06:50:08 GMT
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
x-frame-options
SAMEORIGIN
home_R1.css
c.123g.us/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://c.123g.us/css/home_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 09:42:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 12:57:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2583727
ETag
"24836-3a7f-59104b1b6d7c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3305
jake_test
Test_Pass
chk_script.js
c.123g.us/js2/
3 KB
1 KB
Script
General
Full URL
https://c.123g.us/js2/chk_script.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 09:44:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2022 09:43:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2065233
ETag
"2c045-c3f-5e4da5c97a9c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1062
jake_test
Test_Pass
344132_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/344132_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
290ee4ab79924fa7ef563205b80ce42cbdc9481c1ab9c51ce9fcdce840887775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 16:56:08 GMT
Last-Modified
Wed, 19 Aug 2020 11:02:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
1693716
ETag
"1f3a-5ad38efe3a280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7994
jake_test
Test_Pass
Expires
Mon, 01 Aug 2022 17:21:10 GMT
103967_th.gif
i.123g.us/c/eaug_friendshipweek/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/th/103967_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
613e22e0123c50072fb03b1b0732b528ab91fb1a535ac862c5f04b494880f4c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 21:21:53 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
1245771
ETag
"18f6-4f323c71fd640"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6390
jake_test
Test_Pass
Expires
Sun, 14 Aug 2022 06:36:29 GMT
115227_th.gif
i.123g.us/c/eaug_friendshipweek/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/th/115227_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
27e547b8c79e6ef670a24532ad9dd58f047ca71dfe2bce0d51265dcff7e1b5be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 16:45:58 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
743926
ETag
"1155-4f323c71fd640"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4437
Expires
Fri, 12 Aug 2022 17:00:58 GMT
325186_th.gif
i.123g.us/c/eaug_friendshipweek/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/th/325186_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
d9ad3220a4c9916cc4a5abca1fbfe6cc5460d07245dbf36b20e403de09eb1691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 00:26:49 GMT
Last-Modified
Fri, 19 Aug 2016 13:18:17 GMT
Server
Footprint Distributor V6.1.1162
Age
25075
ETag
"1fb9-53a6c880d3840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8121
jake_test
Test_Pass
Expires
Sun, 21 Aug 2022 00:41:49 GMT
318437_th.jpg
i.123g.us/c/eaug_friendshipweek/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/th/318437_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d224bbb4351c9087fad2a9b390f3574a5cc8d064c24d6df207bc52135de46129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 11 Aug 2022 15:08:32 GMT
Last-Modified
Tue, 11 Aug 2015 12:34:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
836172
ETag
"1e6d-51d0853c64580"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7789
jake_test
Test_Pass
Expires
Sun, 14 Aug 2022 15:58:17 GMT
325063_th.jpg
i.123g.us/c/eaug_seniorcitizen_day/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_seniorcitizen_day/th/325063_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
643a80e379c2b695aa7f163e2908c3486c94b172ec7fe7ebf8f37202365f8745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 05:47:34 GMT
Last-Modified
Thu, 11 Aug 2016 14:19:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
956230
ETag
"1900-539cc73b66c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6400
jake_test
Test_Pass
Expires
Sat, 20 Aug 2022 13:13:23 GMT
343704_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/343704_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
93b0d27e8a6bab76a2c182cf70a26e9ee00ce4fdbe238be072ab85ad8c19d0a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 10:10:42 GMT
Last-Modified
Mon, 22 Jun 2020 06:50:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
767642
ETag
"1f36-5a8a6a86852c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7990
jake_test
Test_Pass
Expires
Sat, 13 Aug 2022 10:04:23 GMT
347667_th.gif
i.123g.us/c/birth_happybirthday/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/347667_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ce274a250b562336590fcfb03562939790ceb0a0e4eba7eb0f31bcbb5d9974de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 13:10:56 GMT
Last-Modified
Fri, 30 Jul 2021 13:56:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
1016028
ETag
"1c67-5c8579569c480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7271
jake_test
Test_Pass
Expires
Tue, 09 Aug 2022 13:26:58 GMT
124103_th.gif
i.123g.us/c/anniv_wedanniv_couple/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/anniv_wedanniv_couple/th/124103_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0e07c16626af862f6f38c47e8bb5cce930547605fd936a2d8680c26cf15202bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 23 Jul 2022 21:57:09 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
2453255
ETag
"1fd2-4f323b33766c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8146
jake_test
Test_Pass
Expires
Thu, 28 Jul 2022 11:47:29 GMT
350760_th.jpg
i.123g.us/c/eaug_smilemonth/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_smilemonth/th/350760_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f02111c8349417ec273363ae9836f05d5e539625231a50d13dfb553ae4ec6e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 16:25:42 GMT
Last-Modified
Tue, 02 Aug 2022 15:02:20 GMT
Server
Apache/2.2.15 (CentOS)
Age
1609142
ETag
"13ef-5e543672b1700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5103
jake_test
Test_Pass
Expires
Fri, 05 Aug 2022 16:45:18 GMT
350711_th.gif
i.123g.us/c/love_iloveyou_general/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/love_iloveyou_general/th/350711_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c2d40f69f99dd63371d21b8791ac0bee15efc32b10ca10b0f0c13539f7cc975f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 11 Aug 2022 10:09:17 GMT
Last-Modified
Thu, 28 Jul 2022 09:58:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
854127
ETag
"1eca-5e4da92a76280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7882
jake_test
Test_Pass
Expires
Tue, 16 Aug 2022 13:35:22 GMT
350689_th.jpg
i.123g.us/c/gen_morning/th/
5 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/gen_morning/th/350689_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7a22c00595831c067c06703ddf439147a257d2375393492c60c917f739354191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 26 Jul 2022 05:58:00 GMT
Last-Modified
Mon, 25 Jul 2022 11:08:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
2251604
ETag
"14dd-5e49f344dcc00"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5341
jake_test
Test_Pass
Expires
Tue, 26 Jul 2022 09:43:39 GMT
cal_block.gif
i.123g.us/images/special_block/
21 KB
21 KB
Image
General
Full URL
https://i.123g.us/images/special_block/cal_block.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 07:14:15 GMT
Last-Modified
Mon, 08 Aug 2022 07:13:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1123829
ETag
"5268-5e5b58d1ecac0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21096
jake_test
Test_Pass
Expires
Mon, 08 Aug 2022 07:31:38 GMT
jquery.js
c.123g.us/js2/
92 KB
92 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 26 Jul 2022 05:15:50 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2254134
ETag
"8047c-16f3a-5e17a2e52eec0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94010
jake_test
Test_Pass
jquery.ajax_autocomplete.js
c.123g.us/js2/
20 KB
7 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 11:26:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 12:46:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
503884
ETag
"2c7db-4ec6-5cbdfd9379f80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6384
jake_test
Test_Pass
swfobject.js
c.123g.us/js2/
10 KB
10 KB
Script
General
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 23:03:00 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
894104
ETag
"80494-261f-5e17a2e52eec0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9759
123g_utils_v1.js
c.123g.us/js2/
123 KB
30 KB
Script
General
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 06:17:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 06:15:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
1127250
ETag
"2c050-1ed63-5e5b4be87d440"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30681
jake_test
Test_Pass
hpmain.js
c.123g.us/js2/
4 KB
4 KB
Script
General
Full URL
https://c.123g.us/js2/hpmain.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 07:33:50 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
777054
ETag
"8045c-e33-5e17a2e52eec0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3635
jake_test
Test_Pass
rakpanel.js
c.123g.us/js2/
3 KB
4 KB
Script
General
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 11:43:19 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2576485
ETag
"80479-d4c-5e17a2e52eec0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3404
jake_test
Test_Pass
jquery.bxslider_new.js
c.123g.us/js2/
20 KB
5 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 20:09:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2286918
ETag
"2c44c-50ba-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
167 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20dca3a9ce0f679deefb34c163ea6c46a19a98fbfa0ae2c88eb6cc5a56a5cf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57659
x-xss-protection
0
server
cafe
etag
1256364520719237457
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 07:24:44 GMT
js
www.googletagmanager.com/gtag/
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8864c5c66037d2ea7fe88a4a69b417854cd4f17f646ce7993a03214ff8b6467b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41859
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Aug 2022 07:24:44 GMT
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1ec82cd43eb750751f3c6b64f95a6e24d5abe51843556c013d7efb107040e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74728
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:24:44 GMT
styleopt_R1.css
c.123g.us/css/
81 KB
16 KB
Stylesheet
General
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 10:27:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2022 05:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
680251
ETag
"2454c-14218-5df6a8f0bdcc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16272
jake_test
Test_Pass
modal_window_R1.css
c.123g.us/css/
33 KB
33 KB
Stylesheet
General
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 23 Jul 2022 13:14:06 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
2484638
ETag
"805c1-8220-5e17a2e623100"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33312
jake_test
Test_Pass
clear.js
s.gk.123greetings.com/2/945541/
6 KB
3 KB
Script
General
Full URL
https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
02bb8af52e1418c054ac3895f57ebd2fbc4ca79f6f5af87b6385c1de8e53cf80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:43 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2647
Expires
0
123g_master_bg.png
c.123g.us/images/
145 B
438 B
Image
General
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 11 Aug 2022 06:36:06 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
866918
ETag
"810fd-91-5e17a33733040"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
master_img_menu.png
c.123g.us/images/
6 KB
6 KB
Image
General
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 29 Jul 2022 08:07:15 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1984649
ETag
"810c2-1861-5e17a33733040"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/
139 KB
139 KB
Image
General
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 06:00:25 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
264259
ETag
"8103e-22ca6-5e17a33086080"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142502
jake_test
Test_Pass
big_img_sprite.png
c.123g.us/images/
134 KB
134 KB
Image
General
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 15:32:11 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
316353
ETag
"81054-21653-5e17a33086080"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
master_icon_set_2.png
c.123g.us/images/
88 KB
88 KB
Image
General
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 15:05:20 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
1613964
ETag
"9cb51-15fce-5d80a1da24680"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
master_icon_set.png
c.123g.us/images/
93 KB
93 KB
Image
General
Full URL
https://c.123g.us/images/master_icon_set.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 12:03:38 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2575266
ETag
"81064-17326-5e17a33086080"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95014
jake_test
Test_Pass
request.js
trkn.us/info/
2 KB
1 KB
Script
General
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.17.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-17-235.compute-1.amazonaws.com
Software
Apache /
Resource Hash
27d9538abaee92287d9a5e1dd5a4bf6d564b843baf6c7283888ca0cbdaa906a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
733
Expires
Sun, 01 Jan 2014 00:00:00 GMT
addressbook.js
c.123g.us/js2/
401 KB
76 KB
Script
General
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 06:17:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 06:15:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
1127260
ETag
"2c023-64550-5e5b4be87d440"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77410
jake_test
Test_Pass
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ba5e1b255053d409880374b1d1e76e52c337275c3171fe0f7f9b663526270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28488
x-xss-protection
0
server
sffe
etag
"1309 / 752 of 1000 / last-modified: 1660946721"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Aug 2022 07:24:44 GMT
123g_mantle.json
x.123g.us/json/
2 KB
2 KB
XHR
General
Full URL
https://x.123g.us/json/123g_mantle.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
aed64e0e4cd5853222d9dfaeded1a114c0c627458800f02e7d33038fa6403db4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:14:48 GMT
Last-Modified
Sun, 21 Aug 2022 06:02:28 GMT
Server
Apache/2.2.15 (CentOS)
Age
596
ETag
"841-5e6ba13708500"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2113
jake_test
Test_Pass
Expires
Sun, 21 Aug 2022 07:29:48 GMT
closeBtn_h.png
c.123g.us/images/
1 KB
1 KB
Image
General
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 23 Jul 2022 00:59:46 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2528698
ETag
"9cf1d-42a-54a227b6344c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
mantle_loader.gif
c.123g.us/images/
2 KB
2 KB
Image
General
Full URL
https://c.123g.us/images/mantle_loader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 30 Jul 2022 18:23:53 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
1861251
ETag
"9d011-855-54a227b81c940"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2133
jake_test
Test_Pass
connect_config.js
c.123g.us/js2/
203 B
503 B
Script
General
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.249.63.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 05:07:40 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2081824
ETag
"80457-cb-5e17a2e52eec0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203
jake_test
Test_Pass
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1364
date
Sun, 21 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 21 Aug 2022 09:02:00 GMT
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fccf83fda6264ca3aae6c764489c92d25f864f971c870fc119d0f305f391910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74701
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:24:44 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/
342 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c1e8646441b2c3c6e3f77e0a3207c37c40db51b87176c4a71da787b400fb55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122963
x-xss-protection
0
server
cafe
etag
3611274740808442226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 07:24:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame 55B5
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 11:28:17 GMT
etag
8616628553774171045
expires
Sat, 03 Sep 2022 11:28:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 20 Aug 2023 19:41:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
655 B
885 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d296131da814e68033b8f973cd34aeaf058191c99e1a265b5569d6f7d0074aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:24:44 GMT
eaug_friendshipweek_mtl_02.jpg
i.123g.us/c/eaug_friendshipweek/mtl/
24 KB
24 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/mtl/eaug_friendshipweek_mtl_02.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e879e91fc98fc8d066ae0943a2922c0667cd991928f67af6fb216c63200c1bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 02:22:33 GMT
Last-Modified
Tue, 16 Aug 2022 09:33:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
190931
ETag
"5ea0-5e6587260a480"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24224
jake_test
Test_Pass
Expires
Sat, 20 Aug 2022 03:21:14 GMT
collect
region1.google-analytics.com/g/
0
350 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-47Q5QDHYDP&gtm=2oe8h0&_p=868272161&cid=993154516.1661066691&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661066691&sct=1&seg=0&dl=https%3A%2F%2Fwww.123greetings.com%2F&dt=Free%20Greeting%20cards%2C%20Wishes%2C%20Ecards%2C%20Birthday%20Wishes%2C%20Funny%20Cards%20%26%20Gifs%20%7C%20123%20Greetings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=868272161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2F&ul=en-us&de=UTF-8&dt=Free%20Greeting%20cards%2C%20Wishes%2C%20Ecards%2C%20Birthday%20Wishes%2C%20Funny%20Cards%20%26%20Gifs%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1939426832&gjid=681998120&cid=993154516.1661066691&tid=UA-5085183-1&_gid=1194358351.1661066691&_r=1&gtm=2ou8h0&z=1832994135
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
220 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
eed112e8f6f3d519008a0bf85e3c3e5bc6d5f829bc5cac250847ac7524e1a3f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2F&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1F07
144 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1661064608&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661066691051&bpp=4&bdt=961&idt=136&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8422478875451&frm=20&pv=2&ga_vid=993154516.1661066691&ga_sid=1661066691&ga_hid=868272161&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068945%2C31069003%2C31069050&oid=2&pvsid=220171858650801&tmod=914366382&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97a27f86ff5cc6dd2ef5b1b54f8dabbb352c80a1492b62ce065cea220e6ac6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
42504
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
expires
Sun, 21 Aug 2022 07:24:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.gk.123greetings.com/2/2.66.1/
161 KB
51 KB
Script
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/main.js
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:24:43 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
51462
Expires
Wed, 29 Apr 2054 06:56:40 GMT
ads
securepubads.g.doubleclick.net/gampad/
538 KB
155 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=220171858650801&correlator=2700714946922508&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_Homepage_LB%2CDesktopWeb_Homepage_Mrec%2CDesktopWeb_Homepage_LMrec1%2CDesktopWeb_Homepage_LMrec2%2CDesktopWeb_Homepage_LMrec3%2CDesktopWeb_Homepage_Video%2CDesktopWeb_Homepage_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1&ifi=2&adks=2032713241%2C2007386566%2C3432605083%2C3556053958%2C327677147%2C846720090%2C4041757002&sfv=1-0-38&fsapi=false&cust_params=site%3D123greetings.com%26section%3Dhome%26page%3Dhomepage&sc=1&cookie_enabled=1&abxe=1&dt=1661066691282&lmt=1661064608&dlt=1661066690090&idt=1134&adxs=560%2C970%2C332%2C650%2C968%2C310%2C310&adys=47%2C208%2C1539%2C1539%2C1539%2C1978%2C1419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.123greetings.com%2F&frm=20&vis=1&psz=980x90%7C320x262%7C980x301%7C980x301%7C980x301%7C983x1969%7C980x0&msz=728x90%7C300x250%7C314x264%7C314x264%7C314x264%7C980x0%7C980x0&fws=4%2C4%2C0%2C0%2C0%2C0%2C0&ohw=728%2C300%2C0%2C0%2C0%2C0%2C0&ga_vid=993154516.1661066691&ga_sid=1661066691&ga_hid=868272161&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
157dfebf8e7a3db46f0337555f331f4ac93c6e151849bb43a8670b06a4636205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158750
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5984529975,5461263814
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138388526769,138321279906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8109
6 KB
4 KB
Document
General
Full URL
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:44 GMT
expires
Mon, 21 Aug 2023 07:24:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=993154516.1661066691&jid=1939426832&gjid=681998120&_gid=1194358351.1661066691&_u=YADAAUAAAAAAAC~&z=1933581392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 21 Aug 2022 07:24:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=146.70.117.78&cuidchk=1
42 B
780 B
Image
General
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=146.70.117.78&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
HTTP/1.1
Server
52.207.17.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-17-235.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Sun, 21 Aug 2022 07:24:44 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1715868418.9119477&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=146.70.117.78&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066691374&oz_l=134&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
aa81fa99-69ec-4b46-9e61-dd8d6eb73daa
https://www.123greetings.com/ Frame 2FAB
185 B
0
Other
General
Full URL
blob:https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066691532&oz_l=4663&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066691735&oz_l=4806&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf9e773145a5096340f32e0b66d0a136a1c8b57d9079213d07e7dfb5722f5f44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11042
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/
150 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/reactive_library_fy2021.js?bust=31069050
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36494c59d3029b193343976ead491e449bcf4734df8bac70636cb431a892a32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54625
x-xss-protection
0
server
cafe
etag
6733288538652782757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 07:24:45 GMT
eaug_friendshipweek_mtl_02.jpg
i.123g.us/c/eaug_friendshipweek/mtl/
24 KB
24 KB
Image
General
Full URL
https://i.123g.us/c/eaug_friendshipweek/mtl/eaug_friendshipweek_mtl_02.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.238.176.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e879e91fc98fc8d066ae0943a2922c0667cd991928f67af6fb216c63200c1bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 02:22:33 GMT
Last-Modified
Tue, 16 Aug 2022 09:33:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
190932
ETag
"5ea0-5e6587260a480"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24224
jake_test
Test_Pass
Expires
Sat, 20 Aug 2022 03:21:14 GMT
container.html
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 96CA
6 KB
3 KB
Document
General
Full URL
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
expires
Mon, 21 Aug 2023 07:24:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9651
6 KB
3 KB
Document
General
Full URL
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
expires
Mon, 21 Aug 2023 07:24:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 736A
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 736A
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 736A
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 736A
72 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16649
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0cc7ecc69c61be2b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 736A
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 736A
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
truncated
/ Frame 736A
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c68b30bbb7a44a8febef0ace1d7013259cb53fbeecc7e20b829621e5ff6ae87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 800A
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 800A
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 800A
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 800A
72 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16649
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0cc7ecc69c61be2b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 800A
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 800A
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
truncated
/ Frame 800A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed69c8c630a842efb44d3fa8c6fd799dfe1e34c0b5bd2c231548942aa1070c61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame CD10
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame CD10
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame CD10
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame CD10
72 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16649
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0cc7ecc69c61be2b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame CD10
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame CD10
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
483428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
truncated
/ Frame CD10
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff693c26fe1f4e8155e7c306a627a58be5022867a638bece32c960770c0cfd2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C742
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFbZpKQsoiIC7RiNIrBks3F5MLONnzVw-Mzptrzg5XsqMShYxqnCjv00_iL_ZBgVFFnlBxnW7kzPxOo_izwFZ5vAm-BhE9xLxRZXDV7HSVTM3fLqY74pfRNqe89fT0TgxC3Ve5ZWz8CIyhe1lMHjbUqynX9FAaV8YJH5KE_0DDo1NQs1qgNtQezkEQYtTT4UdDn3vu7vOySGtvpfHa3JUxlIBz0C2bS7MZjXOAFrz02OyzUJzfE1yv-1pEL28lL5sNKa95pWW7vBbxV4upIfH7Qw7KNQXSwcvq13Ng101rbCxMRs8f0n8yfXnmM3M0eYMjjmSahKge0mVXjVkM0rkya4C0Uc3U&sai=AMfl-YTFutUNEajLe2-17OdJbxXBQfFykD_ICVN62aCPh8YKYWPRgbi5KSehXu-71cYQDULdmISc3IT5y2QbXzLAyiWMQMVixILsSkQfFHEZEZA0m-3Wx6Vi2kbXzRmhQ3WN6nc&sig=Cg0ArKJSzF3LMMPhoga3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 21 Aug 2022 07:24:45 GMT
spt
tg1.selectmedia.asia/api/adserver/ Frame C742
19 KB
6 KB
Script
General
Full URL
https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f0e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af6cbd980a2580b24ae78dab56a17b20b0950067c60853887516f97d2239a983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:24:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5883
Expires
Sun, 21 Aug 2022 07:29:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C742
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C4B1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoToyCYyeXaZm9cNzj5lA-vI_DY56quV4YOEl-qVwoMvtkvKNb0kFsgSdlONHxz104SaZW50uYYFJD7Rtc-hs7Q4CCFxZhXlMspQ32YPUO6OLTT7lLvgZ6DPnYcZ4pFcsBMCXlOc0lxMHfOgoFUANLNJbfS_5gQbYrMEWX7527AJ5HNsgoL3cfnlLeWh2zduMTnri2lwCBIIvH1WkjVXkxyzNPW0azADjz9XD5F9y5-8c72B0wDf-2QlIjHeqC0BSse7TIxEkYb0Qifj_x06na8X1Z7lxm3mjmvc_AUGMPnnI8qMKgo5PTERoHCouK0ydnBCEzLTRaBxKZ5J5Caxmc1iMYMOf_R32NkADeeIQR&sai=AMfl-YQai5E43tb2nKnLlWSvQ_9DB-iQh6iAF-PwYoWymAS3vaovEt8kQwhFTivRf9Q4qW8x1_dow_GGnI9kcge9oegNQDIniV9JCdG1u18eGDv6SKpNszd72cMzNI-55J92WA4&sig=Cg0ArKJSzJ-ni_iQx-OPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 21 Aug 2022 07:24:45 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame C4B1
32 KB
11 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
20248
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 01:47:20 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
fiOKTldEJRI_VCAJeS10eSG-C6aj3yQ3Cdf8FXh7ZAj2ilF1baC_vQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4B1
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 736A
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
44491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 736A
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
5629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Aug 2022 05:50:56 GMT
l
www.google.com/ads/measurement/ Frame 736A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1Io34Hok2nIAUSVx9LYRo-4ILqffBt7UtW7ti9Oz5rSgLGUXiyFB_E6ZfCOkvOn01a0uZo8WtA0XSQxl9V8Een3c1lQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 736A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdBc3vN0BY9akKIiN9u8PpcCl-AmRhvvJa8u0_NTFD-P4zo7DLxABIO_2kCFgleKQgqAHoAH42NijAcgBCakCALYDUSLXsD7gAgCoAwHIAwiqBO8BT9DYWBhLx9vxwMsvGeIBPNKQYLP4dwH08yvpi89T6aUP2lyQ9WsIKKbkrLjeUhChSs-i1hgv7XkgK-aZd4mdNfjckcccZUOE7MAqfbt3jvPFG0u5fC91HNCVantn1hP4Pz9tQ5HhY-nvgAtUsuM6JYbUOrEP2UTKtbeB8_3_j7i1scx10uevs2lsGeFMWAf_VE81oddF4gpcw1D-ytdLEDMs-AuilllUHoJc-Y-5I8mHhaeXVq5jzsFr_0rTCqOURm5-piMrycgLanSj5O5ZO04_xmWt2ZGFNtww1x5RGxjER2rqEq1y8YpW8MYT22zABNeJpID8A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfwpqfcAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELTqBtIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=ze1d25JL-3s&uach_m=[UACH]&template_id=419
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

truncated
/ Frame 736A
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1760708344a04220b5d0242c03f3dd26d57fda79aef73150511613a53001ca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 736A
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd65a5c92613b1a231f11a30003b9f924ecdfff113905a7dc9de99db6c595f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 800A
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
44491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 800A
295 B
398 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
5629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Aug 2022 05:50:56 GMT
l
www.google.com/ads/measurement/ Frame 800A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYdJJKTOVZlzKOilp08k7W7nLwqvQNfCevZuIcEqJ06Z3cb8iTeWCbpp-V8ZDhBBkMsURWHNIy5fjVhMjmCoG1hdvNcg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 800A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuE2JvN0BY9ekKIiN9u8PpcCl-AmRhvvJa8u0_NTFD-P4zo7DLxABIO_2kCFgleKQgqAHoAH42NijAcgBCakCALYDUSLXsD7gAgCoAwHIAwiqBO8BT9DE2YVyW7cSLa6j4jKVUh3pdf50kyZnagGbiLGS0zhOfzGPtT004proB4wAnDaP5IMno-OKvZDFkv6rjJGqaWHYv2MaY2XyEIOb-q09W6x6REWwQUdEUrzUu549vMkjMO0CHZi2JLeXAA-oa9i9ifnsk90J5Mi7miP5O-K3v9NPFtJF-umO3LTCEywBsBaGgYqfWVpsbOBSOKdnTS2Yv6PF_Bg9De_s6NIQK0pMwGCsBnvFtAUUPa-VNEJAwqS5ZlA7AcYULWxJv074CxmP__J3xE7j9QXxpTJRrPmG-IhYF4ESR1RajLNDA2viV2jABNeJpID8A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfwpqfcAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENiCB9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=biysSDpDy2Y&uach_m=[UACH]&template_id=419
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

truncated
/ Frame 800A
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1760708344a04220b5d0242c03f3dd26d57fda79aef73150511613a53001ca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 800A
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd65a5c92613b1a231f11a30003b9f924ecdfff113905a7dc9de99db6c595f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD10
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
44491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD10
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
5629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Aug 2022 05:50:56 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CD10
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbc7ivN0BY9ikKIiN9u8PpcCl-AmRhvvJa4Op_NTFD-P4zo7DLxABIO_2kCFgleKQgqAHoAH42NijAcgBCakCALYDUSLXsD7gAgCoAwHIAwiqBO8BT9Cv6kFlXnV_RtaEJTGFrmiFWH4TBNgzIQj4Ec84oyKDgkz3FeqBolSoiCbdc-C4-cSxV-gvrKdsRspCUwMYAmFqQYrU4DuuZWCH7ZUDuYtNeqeWMzQokzFturGkKHQzC9_TOD4OnIHHpx7roU6TRZgJ-aQE08vFBY8pd8mHFTsm0Whpb27Xc4A-KHOidnDDp6RyphCQQnT0GsdBBXx9gpKIIazJ815u4ayxlalvbzwvcQFe4u1oy05Pz0FH9GazyNenKKaWWYlLeT5xMwXIeGKRkdBWhGCxgWMOLpRzG42QUGGfov2PoYei4bqNPbvABNeJpID8A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfwpqfcAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKaAE9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=pOnph3kJUSE&uach_m=[UACH]&template_id=419
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

truncated
/ Frame CD10
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcf7f9ef4ed95750fd2aa5ec5701effe42c77cf0524a8cd214e68c5f7ec9d972

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame CD10
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55b55e0528c15bb370d3650ffa8e37ffada14d2a853d1c66baabc06e045c673c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/jpeg
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8E4E
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 96CA
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-SZBjotUCV4EcSoQbHG84JcSqQbxbadZ5fRjGT4UYqnIODIoCJBSSYUX2IKXwwjzWFLiuAovpqN5Cee_6fc8kXhnISA&cry=1&dbm_d=AKAmf-Ab85RgCGX9dVUk1x0705qPplSgIlerbOloUNWCoy97qGZLEGHIN5s0NUFb6wq59zpHKV7XYAnsLdoaogj7C8Y-lBmc-1m5o2eys9WEkgrQ57oRXiXnhiHGv1vOC96TdFTIlDz2EANhjP_Z4viHUzny4Ah7Og-Ad4PXBT0hFpFSIbXqFmKadpFv0_1Hda-X-PuOI2Wif4yfw7kRiJAXybpaV40F1t_wPJoY36kS08cP4YRPe-2aTgmE1Qa9v-AY9J3-DTyTCjah6cFAB5nxTYdYpLkQTktY0RHZg2hC2tdzJjR3eJGRs3HETmTTjMIsYxfn6VyUMcih0ceckuJCcWMuMr6z0fzFiUwt7i7TZLuNk0sTiH9czvwK_4s1dKIVzhDsNUZLeJM6VwFx0NtZly5LB4AYWZBQFdlvEwJjRCPJVhXslMDB0kWxcvJ24sY2v8DISwggKIIRCPtdNktNc2UPawLhEM3HHyomlwXOhxt2l_lYnMH_P6Xjr_zFEDz_K1Ze0EXYMRRfLNGqIk3o-ZS1DBpCW0ufo19HNWvU6SZhIbRpuKnrMRk9aNCdXvtKp-Ck3TWmNjdYDreQeGvpGeod_AhDDTTuLDfEIZ8cYQD6-StC0tQhUREiQ4P_SB3GeDZj40PCYVAuu_Qv3Ig1nx-e5vQcRDu3UO8UVphie2kz9Nqcv8u4bTzN7f_EdlCvuk8GtKmbgrkrX4UUlCrrNPdWQBAtLO_G3VyMcl4ZIaqrobEvPSlKdY2ocx0cPqap_2dRbZ3YCgpdBtzxuZIyzrS-zh912NdvNt0b5tF3g1MYeKBbauPtsf6wGu2r8nVSVj1XcwTB8W2X2jSVpqb037JSMC0R7PYbxUzj7qg4jZUQt3ruX1uovAp0L4AhsMlrGuvxgBHxU-23va1G2tYaUsy7fRrJ8-lQ1Ujj7uF-5sRY-_IltYQ3VD0joYgRqrH7j-3TPX__qL4UieTTwFw3VJCxr6YzqIp3BOFMHyIEGTQF0X-KFyVPimZYZnEa6fnzUGPKJVSWl5gzMYdhuRVAoLdeKiZ0YsRuy9B4_M8-HqwT_CO_0V2PEgAf3Y6umxGCz5QvlTTXjRpM8Azz2tczVH8PEMKKWTYtv4ML6Fpa0stG8F27cmi3WT3tktz52jdv61vTRHlh--V5fGZzwCesfM0vshts5aQ_fH9A7dxViLs8qmWId5hLMUo30GZ3zDdd7h4rD1Hb3i12Eiwc65jGt7BriOIaXPBIYLgZqgcWqRRJ-DAMxiPNOtOY6rjky-HgKiQ-o1jffwnlwHLJievpD65ZMRpBtoY2hS-V4EOOMDsezP3KspGopqW6s04dPd-k2Czz634N6xlIlI6oSpKrusUf0NeqFXM-fcPM_YuzAw9T0C6lLRmOWz8A8tjhW9X15LunhlMRXsOCBZdt0aZ0M9vF1ewP20M1kEnHaOCVYypKBRASh8scFz-Q3vL490JYe7917lMI5W8Nr73Lg3BVHccCrBKzmuUGYLYFH1ovMDtjz0EsmRB9ZawxGACVbOZ2D3NL72FLcagUk5dn8bvVT-lPfUD6x5cnKVoJkPEElFOyg93RHrPwrdAGa_JgvQrb7BGUJntKZRYyZxp6hqrlkURrErYPVX8TgngEJF9ZeAfkYqCxOe8p0nCLV4q2Hf2p8hqf6rfURT3S3hBBZGcQlMZZd_HQuFRvO-MB5Hmc11n0Z5TVfW8REModkBZZxghdA2-BqvC-wkO_Imge8bsvZ9tJFte8wZNVsOm32WdhhROdl-rYy9IyKoQrpZdPWCnq8Uz05e4qaq_nNsNTo2qrjAfiHydf4gq5dnPMFPud-4Ltycscc4Qn3mrj9ZiYj_zK65mbOfnwKU2LQJxWVW7Z7WyMVIy7rHGNFpbHVgw0b5fchALN0ApAwAYyt0V9Ng9GM0xt2le_au7ksvsy7flBZTQoK-HvG4tqV4NE9kgyqp1A49C7U6Lg6UZn1yRmIvp6bLIOhVDlbOlnJEpzIIgaOhUKYH0Gb-LuJRBYOKJjHrIL1Rc7VnV_h4S-YgxiITF9H5_kyezMdJwNPqIZrPQksXZw2Zve76AJ3g8r2ZlhJ99EhNJnGsGoEGvZmgeDvzGbLcSYZb0iwCmo2AiRiqq-Evth5oCjTZEvrHwt6RZEb_235QXB2ZTpUSV6nRyosEpuhho5J7xeoxpwE-J7ymgFjFuv9RTprXe8LQBH_lrLOKT0le_iCNGFTf4VHrxkZ3XisGWVogD2n2LDXBnlcGhO2Vv0D1w9NvDOIWcQVywR8BBw4znPONsYNvqrQrEih1JkwkSROW8Dtp6dYxDydL9ALQOpI6JbKeueEAkBjXn2eMxZG2TiJYjjndBuuijbbLUoCUy9TJ_Z2AEqkB65Gp0x-HCAyjCmwAv8li1RsniPM73TiHRd-Wc1khju4ovio6W0Wr14Qa-leZJmWHrGfXPJAhwLvjfj0hxMQ-c5VfsGt6WtkN81lYvZMcpBSrl2sU7sbAetWOLQbBlYSUlzBcj8CrheVjUyb_YNtgrpTKLlOBlm-reeyOwtNk-q7x7pgBXZjGUVEsqqR1qxq__cam-naHN6gb4p8hdZrn7HxYmVt_pNIgZRyWZrm-bpre5Scx5dYN5fjHkCnILeO0vjiVXX5AONL4PTbhvAD5sRFqxofQhZCzN9peLpHgTFieSTeTFv9g-hVA3VanlbFvWIg3w9Jx85KAm9WzoD6Cr-mVaBw2xvRbqDiFI2a63w0fksY88i9-TL7ZASikPaH1dLHyB6OWLW4wR48tpIIvp_Nx4_OoCET3uXruAGnzqHtCxuwE0KcknWulawr8puoUkCIagfh3LHb1nQ1AA6hTGV1swqEAayoVfapE9qs0HH-JB1xxJZXpFp0DsoyTPjMbCxYx2IJOzcaJ7r7qhv0Ek23wSAVIfaunMsDV29UQWGosqy6vSZ2EXx-uZqrPNuxEhNE8Jg69ESJIeAq4XIwdEYw8Ouu3jsrOM84TXJZWPptipgwRP-h5CORGb_TF5ink-BjHXyChD5hsnnXCTaXRljUPt2j7A-QYk6B6dpMi5m-bOMfs2QPKBxfToyBeRpfv7DITaMSBt_skXlu31Qjqq37zbNuEv2bSt3Pwy8_CmdXtHkptTdWJ5qHBStB86YBYsk9PTdekLyADA4HXKP8PxuhJE8hvlejNZ10po&cid=CAASKORohsaM-ZjJaB08CkZ7fOPqUns_046u7ObV5Hj1SVs2FYOUWQ4fn7o&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
084c9d7671a09c4a159c12d67e63228be5af60b5c2f95e3ca0b944f1976e061d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33819
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96CA
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-dufdwBEMiKiXW5u7boLTsEsZph3HRvUqfcKXfxGRA-K41G4RiJ3Kq41zqodJ6FD1-IGlytceP-wHshidb7kaVQEKbf7-LwI2xjaqMG_FCn4IjI0
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 96CA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:24:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96CA
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 96CA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:21:01 GMT
l
www.google.com/ads/measurement/ Frame 96CA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjKaPJZPY5ow6AGxZMU1rPv6lfcYpXlbE8uoj_iuLwZahTRQLhYHhqzRbG1LltmV8eqKEyPBA3aTgSby86KaangxvuNQ
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 9651
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAQqIvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE6gFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEAi_aLRsnB7urxcKVz1hH8J9HqMK3qUIPxPoOqMG7WZNjaQ8YjRvgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=W7ISyusYIC0&uach_m=[UACH]&cid=CAQSPwCsnQUxATdub3UuThx3tW-PFzgal_xvjY_-GAlXsPZyb5mbL2BdsM1oJInX5ULQfc72ayZpN9kMfzMC5YxedxgB
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9651
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-DuEsc1rAL6AZ2DYgICAAAAoVE7jJl3H1IffN3qK-WvnBC83QFjcx4ZqYsqgxqGjb4AEgAA&wp=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
server
Kestrel
server-processing-duration-in-ticks
169526
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6FC7
198 KB
56 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9b65bf8e32682c44070056331110f36cd00b717998ded48625e0eacbb539266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qtKrJuuyQPKwcwoO-W13DCGRmKfFC9y6IKxJNkMUxFJ-emMeNq2tu3AUiOwK5AJuQL4vwCVXdDzPKU02DHyeoHccgVLU4m71SIOubZI-9_AziNhdkBVk9LxLkoK_o9iq7Dje4nb24OUgtEW37vmfL3flxjPeutAd56hGRzgzUvuInc4FHc61TCK9D0BskH8ZXhHd3r0FVznF8joq1HtCWNqmMa0w8mZEL8ApS6NusVaEldg7QkUQEBhGf_hHv09B9jFqfA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
110150037
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 9651
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:24:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9651
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 9651
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:21:01 GMT
l
www.google.com/ads/measurement/ Frame 9651
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvQjEA68kBlRRrj8lAFxUPZ3G5PifBYzXanbDJ75wJE8z0_k80d9AFVAfg_V-m8fgRd9qj9h-nyitem9WiURwu8M0IoQ
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9651
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 06:50:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Aug 2023 06:50:51 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/ Frame 8481
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7031
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 05:27:34 GMT
etag
8616628553774171045
expires
Sun, 04 Sep 2022 05:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066691978&oz_l=243&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame C742
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
637e4f105c2c755fa2c0b09570c47881dc2d96a76b403925181cc9393ae9aa16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C4B1
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf48afd046f0203addfcb0c27ef42803b76a258a9292ab72e4f5176f4f4525fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FD1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 23:03:50 GMT
expires
Sun, 20 Aug 2023 23:03:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 627A
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8a14b603fd903e6306ad80789aab46949ed7c2ff0c28876357ac63e0ca36c99e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tdjy1KjCJGm48BNBejMopA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Tdjy1KjCJGm48BNBejMopA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
expires
Sun, 21 Aug 2022 07:24:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 96CA
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
Origin
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 96CA
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-SZBjotUCV4EcSoQbHG84JcSqQbxbadZ5fRjGT4UYqnIODIoCJBSSYUX2IKXwwjzWFLiuAovpqN5Cee_6fc8kXhnISA&cry=1&dbm_d=AKAmf-Ab85RgCGX9dVUk1x0705qPplSgIlerbOloUNWCoy97qGZLEGHIN5s0NUFb6wq59zpHKV7XYAnsLdoaogj7C8Y-lBmc-1m5o2eys9WEkgrQ57oRXiXnhiHGv1vOC96TdFTIlDz2EANhjP_Z4viHUzny4Ah7Og-Ad4PXBT0hFpFSIbXqFmKadpFv0_1Hda-X-PuOI2Wif4yfw7kRiJAXybpaV40F1t_wPJoY36kS08cP4YRPe-2aTgmE1Qa9v-AY9J3-DTyTCjah6cFAB5nxTYdYpLkQTktY0RHZg2hC2tdzJjR3eJGRs3HETmTTjMIsYxfn6VyUMcih0ceckuJCcWMuMr6z0fzFiUwt7i7TZLuNk0sTiH9czvwK_4s1dKIVzhDsNUZLeJM6VwFx0NtZly5LB4AYWZBQFdlvEwJjRCPJVhXslMDB0kWxcvJ24sY2v8DISwggKIIRCPtdNktNc2UPawLhEM3HHyomlwXOhxt2l_lYnMH_P6Xjr_zFEDz_K1Ze0EXYMRRfLNGqIk3o-ZS1DBpCW0ufo19HNWvU6SZhIbRpuKnrMRk9aNCdXvtKp-Ck3TWmNjdYDreQeGvpGeod_AhDDTTuLDfEIZ8cYQD6-StC0tQhUREiQ4P_SB3GeDZj40PCYVAuu_Qv3Ig1nx-e5vQcRDu3UO8UVphie2kz9Nqcv8u4bTzN7f_EdlCvuk8GtKmbgrkrX4UUlCrrNPdWQBAtLO_G3VyMcl4ZIaqrobEvPSlKdY2ocx0cPqap_2dRbZ3YCgpdBtzxuZIyzrS-zh912NdvNt0b5tF3g1MYeKBbauPtsf6wGu2r8nVSVj1XcwTB8W2X2jSVpqb037JSMC0R7PYbxUzj7qg4jZUQt3ruX1uovAp0L4AhsMlrGuvxgBHxU-23va1G2tYaUsy7fRrJ8-lQ1Ujj7uF-5sRY-_IltYQ3VD0joYgRqrH7j-3TPX__qL4UieTTwFw3VJCxr6YzqIp3BOFMHyIEGTQF0X-KFyVPimZYZnEa6fnzUGPKJVSWl5gzMYdhuRVAoLdeKiZ0YsRuy9B4_M8-HqwT_CO_0V2PEgAf3Y6umxGCz5QvlTTXjRpM8Azz2tczVH8PEMKKWTYtv4ML6Fpa0stG8F27cmi3WT3tktz52jdv61vTRHlh--V5fGZzwCesfM0vshts5aQ_fH9A7dxViLs8qmWId5hLMUo30GZ3zDdd7h4rD1Hb3i12Eiwc65jGt7BriOIaXPBIYLgZqgcWqRRJ-DAMxiPNOtOY6rjky-HgKiQ-o1jffwnlwHLJievpD65ZMRpBtoY2hS-V4EOOMDsezP3KspGopqW6s04dPd-k2Czz634N6xlIlI6oSpKrusUf0NeqFXM-fcPM_YuzAw9T0C6lLRmOWz8A8tjhW9X15LunhlMRXsOCBZdt0aZ0M9vF1ewP20M1kEnHaOCVYypKBRASh8scFz-Q3vL490JYe7917lMI5W8Nr73Lg3BVHccCrBKzmuUGYLYFH1ovMDtjz0EsmRB9ZawxGACVbOZ2D3NL72FLcagUk5dn8bvVT-lPfUD6x5cnKVoJkPEElFOyg93RHrPwrdAGa_JgvQrb7BGUJntKZRYyZxp6hqrlkURrErYPVX8TgngEJF9ZeAfkYqCxOe8p0nCLV4q2Hf2p8hqf6rfURT3S3hBBZGcQlMZZd_HQuFRvO-MB5Hmc11n0Z5TVfW8REModkBZZxghdA2-BqvC-wkO_Imge8bsvZ9tJFte8wZNVsOm32WdhhROdl-rYy9IyKoQrpZdPWCnq8Uz05e4qaq_nNsNTo2qrjAfiHydf4gq5dnPMFPud-4Ltycscc4Qn3mrj9ZiYj_zK65mbOfnwKU2LQJxWVW7Z7WyMVIy7rHGNFpbHVgw0b5fchALN0ApAwAYyt0V9Ng9GM0xt2le_au7ksvsy7flBZTQoK-HvG4tqV4NE9kgyqp1A49C7U6Lg6UZn1yRmIvp6bLIOhVDlbOlnJEpzIIgaOhUKYH0Gb-LuJRBYOKJjHrIL1Rc7VnV_h4S-YgxiITF9H5_kyezMdJwNPqIZrPQksXZw2Zve76AJ3g8r2ZlhJ99EhNJnGsGoEGvZmgeDvzGbLcSYZb0iwCmo2AiRiqq-Evth5oCjTZEvrHwt6RZEb_235QXB2ZTpUSV6nRyosEpuhho5J7xeoxpwE-J7ymgFjFuv9RTprXe8LQBH_lrLOKT0le_iCNGFTf4VHrxkZ3XisGWVogD2n2LDXBnlcGhO2Vv0D1w9NvDOIWcQVywR8BBw4znPONsYNvqrQrEih1JkwkSROW8Dtp6dYxDydL9ALQOpI6JbKeueEAkBjXn2eMxZG2TiJYjjndBuuijbbLUoCUy9TJ_Z2AEqkB65Gp0x-HCAyjCmwAv8li1RsniPM73TiHRd-Wc1khju4ovio6W0Wr14Qa-leZJmWHrGfXPJAhwLvjfj0hxMQ-c5VfsGt6WtkN81lYvZMcpBSrl2sU7sbAetWOLQbBlYSUlzBcj8CrheVjUyb_YNtgrpTKLlOBlm-reeyOwtNk-q7x7pgBXZjGUVEsqqR1qxq__cam-naHN6gb4p8hdZrn7HxYmVt_pNIgZRyWZrm-bpre5Scx5dYN5fjHkCnILeO0vjiVXX5AONL4PTbhvAD5sRFqxofQhZCzN9peLpHgTFieSTeTFv9g-hVA3VanlbFvWIg3w9Jx85KAm9WzoD6Cr-mVaBw2xvRbqDiFI2a63w0fksY88i9-TL7ZASikPaH1dLHyB6OWLW4wR48tpIIvp_Nx4_OoCET3uXruAGnzqHtCxuwE0KcknWulawr8puoUkCIagfh3LHb1nQ1AA6hTGV1swqEAayoVfapE9qs0HH-JB1xxJZXpFp0DsoyTPjMbCxYx2IJOzcaJ7r7qhv0Ek23wSAVIfaunMsDV29UQWGosqy6vSZ2EXx-uZqrPNuxEhNE8Jg69ESJIeAq4XIwdEYw8Ouu3jsrOM84TXJZWPptipgwRP-h5CORGb_TF5ink-BjHXyChD5hsnnXCTaXRljUPt2j7A-QYk6B6dpMi5m-bOMfs2QPKBxfToyBeRpfv7DITaMSBt_skXlu31Qjqq37zbNuEv2bSt3Pwy8_CmdXtHkptTdWJ5qHBStB86YBYsk9PTdekLyADA4HXKP8PxuhJE8hvlejNZ10po&cid=CAASKORohsaM-ZjJaB08CkZ7fOPqUns_046u7ObV5Hj1SVs2FYOUWQ4fn7o&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:18:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 96CA
30 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-SZBjotUCV4EcSoQbHG84JcSqQbxbadZ5fRjGT4UYqnIODIoCJBSSYUX2IKXwwjzWFLiuAovpqN5Cee_6fc8kXhnISA&cry=1&dbm_d=AKAmf-Ab85RgCGX9dVUk1x0705qPplSgIlerbOloUNWCoy97qGZLEGHIN5s0NUFb6wq59zpHKV7XYAnsLdoaogj7C8Y-lBmc-1m5o2eys9WEkgrQ57oRXiXnhiHGv1vOC96TdFTIlDz2EANhjP_Z4viHUzny4Ah7Og-Ad4PXBT0hFpFSIbXqFmKadpFv0_1Hda-X-PuOI2Wif4yfw7kRiJAXybpaV40F1t_wPJoY36kS08cP4YRPe-2aTgmE1Qa9v-AY9J3-DTyTCjah6cFAB5nxTYdYpLkQTktY0RHZg2hC2tdzJjR3eJGRs3HETmTTjMIsYxfn6VyUMcih0ceckuJCcWMuMr6z0fzFiUwt7i7TZLuNk0sTiH9czvwK_4s1dKIVzhDsNUZLeJM6VwFx0NtZly5LB4AYWZBQFdlvEwJjRCPJVhXslMDB0kWxcvJ24sY2v8DISwggKIIRCPtdNktNc2UPawLhEM3HHyomlwXOhxt2l_lYnMH_P6Xjr_zFEDz_K1Ze0EXYMRRfLNGqIk3o-ZS1DBpCW0ufo19HNWvU6SZhIbRpuKnrMRk9aNCdXvtKp-Ck3TWmNjdYDreQeGvpGeod_AhDDTTuLDfEIZ8cYQD6-StC0tQhUREiQ4P_SB3GeDZj40PCYVAuu_Qv3Ig1nx-e5vQcRDu3UO8UVphie2kz9Nqcv8u4bTzN7f_EdlCvuk8GtKmbgrkrX4UUlCrrNPdWQBAtLO_G3VyMcl4ZIaqrobEvPSlKdY2ocx0cPqap_2dRbZ3YCgpdBtzxuZIyzrS-zh912NdvNt0b5tF3g1MYeKBbauPtsf6wGu2r8nVSVj1XcwTB8W2X2jSVpqb037JSMC0R7PYbxUzj7qg4jZUQt3ruX1uovAp0L4AhsMlrGuvxgBHxU-23va1G2tYaUsy7fRrJ8-lQ1Ujj7uF-5sRY-_IltYQ3VD0joYgRqrH7j-3TPX__qL4UieTTwFw3VJCxr6YzqIp3BOFMHyIEGTQF0X-KFyVPimZYZnEa6fnzUGPKJVSWl5gzMYdhuRVAoLdeKiZ0YsRuy9B4_M8-HqwT_CO_0V2PEgAf3Y6umxGCz5QvlTTXjRpM8Azz2tczVH8PEMKKWTYtv4ML6Fpa0stG8F27cmi3WT3tktz52jdv61vTRHlh--V5fGZzwCesfM0vshts5aQ_fH9A7dxViLs8qmWId5hLMUo30GZ3zDdd7h4rD1Hb3i12Eiwc65jGt7BriOIaXPBIYLgZqgcWqRRJ-DAMxiPNOtOY6rjky-HgKiQ-o1jffwnlwHLJievpD65ZMRpBtoY2hS-V4EOOMDsezP3KspGopqW6s04dPd-k2Czz634N6xlIlI6oSpKrusUf0NeqFXM-fcPM_YuzAw9T0C6lLRmOWz8A8tjhW9X15LunhlMRXsOCBZdt0aZ0M9vF1ewP20M1kEnHaOCVYypKBRASh8scFz-Q3vL490JYe7917lMI5W8Nr73Lg3BVHccCrBKzmuUGYLYFH1ovMDtjz0EsmRB9ZawxGACVbOZ2D3NL72FLcagUk5dn8bvVT-lPfUD6x5cnKVoJkPEElFOyg93RHrPwrdAGa_JgvQrb7BGUJntKZRYyZxp6hqrlkURrErYPVX8TgngEJF9ZeAfkYqCxOe8p0nCLV4q2Hf2p8hqf6rfURT3S3hBBZGcQlMZZd_HQuFRvO-MB5Hmc11n0Z5TVfW8REModkBZZxghdA2-BqvC-wkO_Imge8bsvZ9tJFte8wZNVsOm32WdhhROdl-rYy9IyKoQrpZdPWCnq8Uz05e4qaq_nNsNTo2qrjAfiHydf4gq5dnPMFPud-4Ltycscc4Qn3mrj9ZiYj_zK65mbOfnwKU2LQJxWVW7Z7WyMVIy7rHGNFpbHVgw0b5fchALN0ApAwAYyt0V9Ng9GM0xt2le_au7ksvsy7flBZTQoK-HvG4tqV4NE9kgyqp1A49C7U6Lg6UZn1yRmIvp6bLIOhVDlbOlnJEpzIIgaOhUKYH0Gb-LuJRBYOKJjHrIL1Rc7VnV_h4S-YgxiITF9H5_kyezMdJwNPqIZrPQksXZw2Zve76AJ3g8r2ZlhJ99EhNJnGsGoEGvZmgeDvzGbLcSYZb0iwCmo2AiRiqq-Evth5oCjTZEvrHwt6RZEb_235QXB2ZTpUSV6nRyosEpuhho5J7xeoxpwE-J7ymgFjFuv9RTprXe8LQBH_lrLOKT0le_iCNGFTf4VHrxkZ3XisGWVogD2n2LDXBnlcGhO2Vv0D1w9NvDOIWcQVywR8BBw4znPONsYNvqrQrEih1JkwkSROW8Dtp6dYxDydL9ALQOpI6JbKeueEAkBjXn2eMxZG2TiJYjjndBuuijbbLUoCUy9TJ_Z2AEqkB65Gp0x-HCAyjCmwAv8li1RsniPM73TiHRd-Wc1khju4ovio6W0Wr14Qa-leZJmWHrGfXPJAhwLvjfj0hxMQ-c5VfsGt6WtkN81lYvZMcpBSrl2sU7sbAetWOLQbBlYSUlzBcj8CrheVjUyb_YNtgrpTKLlOBlm-reeyOwtNk-q7x7pgBXZjGUVEsqqR1qxq__cam-naHN6gb4p8hdZrn7HxYmVt_pNIgZRyWZrm-bpre5Scx5dYN5fjHkCnILeO0vjiVXX5AONL4PTbhvAD5sRFqxofQhZCzN9peLpHgTFieSTeTFv9g-hVA3VanlbFvWIg3w9Jx85KAm9WzoD6Cr-mVaBw2xvRbqDiFI2a63w0fksY88i9-TL7ZASikPaH1dLHyB6OWLW4wR48tpIIvp_Nx4_OoCET3uXruAGnzqHtCxuwE0KcknWulawr8puoUkCIagfh3LHb1nQ1AA6hTGV1swqEAayoVfapE9qs0HH-JB1xxJZXpFp0DsoyTPjMbCxYx2IJOzcaJ7r7qhv0Ek23wSAVIfaunMsDV29UQWGosqy6vSZ2EXx-uZqrPNuxEhNE8Jg69ESJIeAq4XIwdEYw8Ouu3jsrOM84TXJZWPptipgwRP-h5CORGb_TF5ink-BjHXyChD5hsnnXCTaXRljUPt2j7A-QYk6B6dpMi5m-bOMfs2QPKBxfToyBeRpfv7DITaMSBt_skXlu31Qjqq37zbNuEv2bSt3Pwy8_CmdXtHkptTdWJ5qHBStB86YBYsk9PTdekLyADA4HXKP8PxuhJE8hvlejNZ10po&cid=CAASKORohsaM-ZjJaB08CkZ7fOPqUns_046u7ObV5Hj1SVs2FYOUWQ4fn7o&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:19:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 800A
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
44491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 800A
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
5629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Aug 2022 05:50:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD10
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 19:03:14 GMT
x-content-type-options
nosniff
server
cafe
age
44491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Aug 2022 19:03:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD10
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
5629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 22 Aug 2022 05:50:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
43 B
946 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a1821a0c917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbO0FAJ0vJ3OvOlUQPl8FI81sXI0TnfdCtmDpFHNQgLYBnVCGhl%2FysdxVvQDV3Rw2y%2Br2GftLBporgKGWpub%2BntzdpbTmXPTpvVOR2Yevllu8kFWcBcGd9fL3jW7WXbfW9SmcCYjxj%2F8YA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E4E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwHdvduxuzzLFK8kCC-6MgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
43 B
915 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a183cc67917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk1ZfW0UfT0s%2FuSnGiDZ00Q8vG4U9KQ40qkSvg8FDp175ZlbGG23rmG%2BljNjCRRwNSrI%2F%2Fm%2BkasFK4epjPX7zZpyrN6pMGSQEmtHhph%2FoANpR5ezN5fV6jFLjAXdDYpC%2B2RueFuEgjHpJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs0NHroBgeg0Z_05CJbpeE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 8E4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ32ZfFWJ3qY8c1yu9d8Fwc&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ32ZfFWJ3qY8c1yu9d8Fwc%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ32ZfFWJ3qY8c1yu9d8Fwc%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:45 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
961f43e6-6587-4dbd-839d-837c04d79d42
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:45 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c624de5c-6418-499b-934a-de037ef245e4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ32ZfFWJ3qY8c1yu9d8Fwc%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8E4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NzY1NjMxMjY4MDYxOTU3NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NzY1NjMxMjY4MDYxOTU3NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARi18ZC_ATAB&v=APEucNVyoJbhKI5pL0JXI2l18d9lXhz-mhWCDTDlOMdj1mrmlOfgSMvYoaR558Ss-6JW3aSJHpIhoarh-8nCcB4clpU8om2CGlNW8pqoMokymsiAmQ28m6H4V7Msg3YOF47BLrRtRp1rdY3LA5IyL0XJKBj3vgNqBegVZozocrNgeUVYSeNzWCA
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:45 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6d633b2d-8d27-40ea-93f1-86285e556ace
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NzY1NjMxMjY4MDYxOTU3NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css2
fonts.googleapis.com/ Frame 8481
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 07:08:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 07:24:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 07:24:45 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8481
205 B
742 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:30:01 GMT
x-content-type-options
nosniff
age
6884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 21 Aug 2023 05:30:01 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8481
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:48:43 GMT
x-content-type-options
nosniff
age
5762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 21 Aug 2023 05:48:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 8481
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 06:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
5162546928090487746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 06:58:17 GMT
abc.txt
static.avantisvideo.com/data/ Frame C4B1
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f200:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a4c2f02417925a87e6c21ec3280f3c76f0ddd13e0589991c0b482f44c127c6d

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 11:13:53 GMT
content-encoding
gzip
last-modified
Wed, 17 Aug 2022 11:10:53 GMT
server
AmazonS3
age
72652
etag
W/"61c9ad000c357d8d2f9b910b6a704e3d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
0jvDAgFaVf4Il8XtObTIzOmOmPtGTRSUjroFF-4mfmJMMws1AslWvg==
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame C4B1
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f200:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a4c2f02417925a87e6c21ec3280f3c76f0ddd13e0589991c0b482f44c127c6d

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 11:13:53 GMT
content-encoding
gzip
last-modified
Wed, 17 Aug 2022 11:10:53 GMT
server
AmazonS3
age
72652
etag
W/"61c9ad000c357d8d2f9b910b6a704e3d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
F8x1UjfD3xwt4Vv6bioq7E5HvHO_b11anX0OmZryb5DNpo1SNzidrA==
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/ Frame C4B1
0
35 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
/
events1.avantisvideo.com/ Frame C4B1
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C4B1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDNRxJYoIPn4FbtNdAA6MGHxkvNch0gS3kZJzOAi-fsm9_5Xirtne0sF5g4wQz_B0GteqkI8NEPgxlfu5Dw6_rYWqf9IaLEab6IcScygjChqFVjbHgfSF74oCOzrTE72u9yHk27mVjnj336EiD6Qpp71O06UsuYNyGJK576NjIhEg73FcqMmHkSnRok5yBLoSwSysOErMezBoZh6quLALjCqpsZbyVOa6BUp9ur-L_Z8JiorLxQLngeYncRJkfljSMmsU3ncQS3etoDt9FumqbjZtW7fsS-QXJYPGbN1SRSUUyWPgwJO7M8wWklr_m0TXBiboKvBn00sqVr4FMaGEiv35Fdn85yoyDLFXUKxVpi6E&sai=AMfl-YTnVwz_EWwxQANE3-rFufXIf16tJNfHmSLbTRR7PkEkHFQd9arAjF9Zeg4ewl1wWV_C6c828esr0zntGxVTwllC_Vxg0lYkN6ByHHfhcStarwhbhUrC2jcqu9PN2_Y1Bu8&sig=Cg0ArKJSzI7InIl0CuI7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 21 Aug 2022 07:24:45 GMT
index.html
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
4 KB
1 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c932c1107432f3d5fe7cc4a268e573b3cf9a9d1aa74275955f70d062ce8d19c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1133
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 07:24:45 GMT
expires
Mon, 21 Aug 2023 07:24:45 GMT
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 96CA
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAu0TB9g3DrYEfoy_pQ2yDSEttEdp0uCpPlkVShslukvQcDiMbpy-l-IgOuY2Bqd0H2_geTirUT_kzt0NdU8X5REka84Nab8ZSbu6tg5DuWj2VAW22-kvtA1WWZvdb7o4YexN8FdYKtYxbrk1K0vnvqlqut5RasG9QytdfCWBQVHHn33XUC3rnXdD8BANpy8DHVwzCNj7jznMwRu0dPhvDst_wkug28VHlk1xAmu71lqdjYbrx37K_EnP9mnJD0iVAoqUgJvgHz0cUTmNlaiaX_lIvWLJddOuwpvffgJiWZQzS60u7yWz3Vuk7VglVb7CyHCIfv9tnKgF5j0Ydy6WP3AIuAB62bMGkNEcQTH6GWjQPvp1BAX0OJLi6TJ_0HAEOxf4ryZZQqm5in3PcebZCoqnLFVg-Zp0ljXtvFv2m2J5O_RxtXlobFcUiSwNhQNGuk7QMjUknIVBKrIOqPNLZ6j_alO1xUQ6dcBsgK8k4_vhyEt1x-c2pcYY95CsEOEaUhXXZuHqYe5q7594SkI7ZhsE7CH_gj02uA_HNC1B5HXJO3H4Ok-XJOaQ0hsgjraVx9YZ0dw08_C1bK41-i01UDhhMiXU7BZsmSTHe2f1UJnuHOpdSEmtdswQ7Bt5mUpCbti9eXLYCTs-yQnwuHQ_QE0QtT1xhlYCg0zMmb1ISnDUWZB_JFjxvS_xPm-xWm3vBwP1uVLKG9O5a3eaEGMANxA7Mbz91rJ-s3rjWyCDxUD7vg7iLtwCoyMn6qnsshnboFxvK8w0nS3fcS8KHH__rbrOGq2AgzU91nwPoJiwlBEokk58scljWupMl5B5-OF6mcxJGeRjLdebs7nNB2EqDRdCzstZQV07shszavIm8_LjzOkQNZ6zOjEPlXSVuPvt7uTyt7MkReE-KzZfMGFm2BUWILN3508a-8mRVJ-sGCjksu4YGB2DXLf5amAA9yDGh5uxpyLO5htJ9jATu2lKaSchTAl6wIyQ4tCAhzUTflvRjvCl-baKBDsIgBa2pQ8UHd38XoM_2rU6lgWaa0TQPJ6QjUxTi3L6H7UKTqCreeWG0BkIAZoMv7O8xy2VHKhCeydIrVjVjD1GXf8Nu7NboaHbf3qreoZBy0Kqs0Wt9sZG3keIh4EXhPoKTmKPXjRY4ppcWSBbTMrgFocFAcFWgFZhm3Zg38bz4IHqS9kyNRS4vEk-XSRomJX84zsV6i5x9&sai=AMfl-YS2oIg8GqdbXlvLllCtQv527IN6gpQWyBXbKGybOPTJWezZ5c8LbfARL7yeX2mff6JYX_0M9RT5h4VTN8atPgj3NzthHzb3HrSAW0zCrwHYFs6R8AUJ9OQdLOWZDezAoBGO5ZqV8HwRR34FbPygXKzJJZDhzYFKWISZcS-6LUb_gkZLUvCy8B0bNNsZZvDq3-IlhwvqKM1mVA3uCGhIJmTdgasGqPorGg&sig=Cg0ArKJSzAG6aS4kVRilEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&cbvp=1&cstd=221&cisv=r20220817.48865&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 21 Aug 2022 07:24:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066692377&oz_l=550&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 96CA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 14:07:23 GMT
truncated
/ Frame 96CA
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaf229d2bf27d6528b9fdbcb667a9dd96b90d12d0168473c889d13ef4657c3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9651
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c114fe96f7aeb39ef13475628183e721d354b0dabc4c99b6c054abc98cedf43a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 627A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=220171858650801&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

privacy_small.svg
static.criteo.net/flash/icon/ Frame 6FC7
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:45 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6FC7
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6FC7
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 16 Aug 2023 07:24:45 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6FC7
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 16 Aug 2023 07:24:45 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6FC7
43 B
348 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=38IffvH_dNFOQcwVwoTGj-AZ12-_cJ_teWRW-TND2GC-x9VKivW527e8lHc_lQJ_6s8tv0d6KCHqz0PCk6QE58pG_AGExCzlG19-M4O7z4Ev-A-NBg2HUOysB6IBxfhArnsiwQcfdcTcv6TpqFGCI-VTG_R3q9jfwoeba52P5POt7Hz6CIXfQJmltseJiRWyx1uXRUvGV-LvzlpupkCnxyEOfK7cF3xv8ml6647XhNoOes7k3VeIqxlfqvKtX8bPK_UpQmCZAT-IZNQkWyXq5siS4I9Iq52Y8pLiz1qxMzVV46TUhoNfUku3i2UEblbNEZuL82FmpWkTKsVd0dcfGX6PpUWYBYdGAcU0pXust3qyvV4MwlugUvhhPOEs4VlWh6_yRkStT5icoHNDPUjDWuzzj4B1GpmZwpEIhHqHls-wmu32
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:45 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3117234
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame CB4C
46 KB
17 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61110
content-encoding
gzip
content-type
text/html
date
Sat, 20 Aug 2022 14:26:16 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-id
s8PsFW8QmWdjiGSYaahPym8UVl24uTq9RuzENKT21fdnS_kKaSACNQ==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 8FD1
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
160347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
player.js
player.aniview.com/script/6.1/
28 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtmmUL65Mt4VAajgrfgC4tCleTWkqQIHL06GtHXmwq6nLOyCWhQXqWfDQpkkFv5z3kHhD-zZ2sIYoBusOzEyh44AGddhBnv
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9902
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"d53cdd7a78033fb87e44a85e2bf6cbd6"
vary
Accept-Encoding
x-goog-hash
crc32c=Q3cm9w==, md5=1TzdengDP7h+RKheK/bL1g==
x-goog-generation
1659879239336880
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9902
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:45 GMT
track
track1.aniview.com/ Frame C742
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&cb=1661066692544&r=www.123greetings.com&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d65=&e=playerLoaded
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
css
fonts.googleapis.com/ Frame 5AB4
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 07:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 07:24:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 07:24:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5AB4
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:22:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 5AB4
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:18:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5AB4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:24:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5AB4
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5AB4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 07:21:01 GMT
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame 5AB4
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:39:26 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D7A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
321441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 14:07:24 GMT
expires
Thu, 17 Aug 2023 14:07:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hp_styles.css
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
2 KB
856 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50e8a52b27bad7da42a305a2e42aef96f6d9e745e0b98c01db9e08ae0c1901d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
827
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 07:08:09 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FEE4
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 07:24:45 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame FEE4
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Aug 2022 07:12:48 GMT
hp_main.js
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
5 KB
987 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f95ac04607c6e193e7e6a7cdc33c29681be7485f29f045c162170cd6cf09559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/index.html?e=69&leftOffset=0&topOffset=0&c=WAdNCtJihn&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 08:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
958
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 08:11:14 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066692534&oz_l=35&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6FC7
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
998418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s50Zj%2FaT2cX3olXtIyoPxXgJKT9t8CEcVEjMgxALX%2F1klzRn5MW4obnW8IcAlrfF%2FflBY%2BEjX7RXxzTl5WjPK%2F9En9TRzx1CmJpPUe2Y8WZVczKjN3GSXsTI0F1klhitGBJCXGdoqP3sRGX4ZOrFKF%2B8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73e1a1837ccc01f0-ZRH
expires
Fri, 11 Aug 2023 07:24:45 GMT
animejs.js
static.criteo.net/animejs/ Frame 6FC7
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:45 GMT
b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame 6FC7
56 KB
56 KB
Font
General
Full URL
https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
last-modified
Thu, 24 May 2018 07:59:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0670fe-dec4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:46 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
5 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F942%2F210816%2F232132f7860e42a1936cac015f404380_ca_logo-01.png&v=3&w=596&s=98cru8JzcaZbooQmfXNEAJuL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0aab059870f012f12f3e3fe550c62b6d8cef07be8d509a0ce69df144e7fdfe1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28686587
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5472
expires
Wed, 19 Jul 2023 07:54:33 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
9 KB
9 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1647600437%2F2165687-1-01.jpg&v=3&w=400&s=CqFjklQRRU4oBxtRg0H_7_LX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
82a8e05a6d7d26aabeba6e670f2dc45c68f21473a3dd5e74936a7950dca1ebe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31467328
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9098
expires
Sun, 20 Aug 2023 12:20:14 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
6 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1658316017%2F2176018-2-01.jpg&v=3&w=400&s=6yN4BS_cgzi-30vl7Mmoo69T&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c14368184dcd321d4c6d1d3b4e1a17d11596f15bb50fd2722e5676d5585c6431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30099530
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5854
expires
Fri, 04 Aug 2023 16:23:36 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1650568469%2F2170539-1-01.jpg&v=3&w=400&s=uQZ6aDK7Ujh307dxfJzjlq4z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bb68aae18ecd5bcf816bb98cf5bb19c7e9fd1431b1519f746a9fd3aeb5d57e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30087936
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7130
expires
Fri, 04 Aug 2023 13:10:22 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
17 KB
17 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1651151959%2F2164805-1-01.jpg&v=3&w=400&s=VN2qTgjWPkNG8n8oqblhNNTp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4345999f1e5314c7793e3c89d5f980456cbf650aed92b95ce864d461563f9f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29676718
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
17258
expires
Sun, 30 Jul 2023 18:56:44 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
5 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1657195819%2F2186030-1-01.jpg&v=3&w=400&s=C9Z3il05W7svZdIOGrQTiGv-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a409076ca2553d234ff017fd0d2dcae6105cb2d3c691e73cdd8847c5dc62239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29232676
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4644
expires
Tue, 25 Jul 2023 15:36:02 GMT
img
pix.eu.criteo.net/img/ Frame 6FC7
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1657095183%2F2184778-1-08.jpg&v=3&w=400&s=8k6601xncQso20O3FVL3GI6a&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
712fbcbafa7c31afd31257609e96a088ac8ff42b95efd5d77f90d162bcda3367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:45 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29866701
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11454
expires
Tue, 01 Aug 2023 23:43:07 GMT
all
csm.eu.criteo.net/ Frame 6FC7
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qtKrJuuyQPKwcwoO-W13DCGRmKfFC9y6IKxJNkMUxFJ-emMeNq2tu3AUiOwK5AJuQL4vwCVXdDzPKU02DHyeoHccgVLU4m71SIOubZI-9_AziNhdkBVk9LxLkoK_o9iq7Dje4nb24OUgtEW37vmfL3flxjPeutAd56hGRzgzUvuInc4FHc61TCK9D0BskH8ZXhHd3r0FVznF8joq1HtCWNqmMa0w8mZEL8ApS6NusVaEldg7QkUQEBhGf_hHv09B9jFqfA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:45 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6FC7
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:46 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6FC7
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 16 Aug 2023 07:24:46 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame CB4C
222 B
975 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e64c95d56e83616e955bba860b40bc00342e3cc49586bdb556e6199b5b6d9e3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
222
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
OvwI-S0gc5g913naP9fTtd5rmvV537TCtTYucBfIlfM2kuRS3Z9NCw==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
s5AWgjmA_nhO7Zk_0y4m-cMmG2eLVL-fqAy69TJodrGiKCtggCwjyQ==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
b6dcc58b-3cfd-4efb-aaf9-ea8ac411e01e
https://www.123greetings.com/
787 B
0
Other
General
Full URL
blob:https://www.123greetings.com/b6dcc58b-3cfd-4efb-aaf9-ea8ac411e01e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
787
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 8D7A
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
160348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 96CA
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAu0TB9g3DrYEfoy_pQ2yDSEttEdp0uCpPlkVShslukvQcDiMbpy-l-IgOuY2Bqd0H2_geTirUT_kzt0NdU8X5REka84Nab8ZSbu6tg5DuWj2VAW22-kvtA1WWZvdb7o4YexN8FdYKtYxbrk1K0vnvqlqut5RasG9QytdfCWBQVHHn33XUC3rnXdD8BANpy8DHVwzCNj7jznMwRu0dPhvDst_wkug28VHlk1xAmu71lqdjYbrx37K_EnP9mnJD0iVAoqUgJvgHz0cUTmNlaiaX_lIvWLJddOuwpvffgJiWZQzS60u7yWz3Vuk7VglVb7CyHCIfv9tnKgF5j0Ydy6WP3AIuAB62bMGkNEcQTH6GWjQPvp1BAX0OJLi6TJ_0HAEOxf4ryZZQqm5in3PcebZCoqnLFVg-Zp0ljXtvFv2m2J5O_RxtXlobFcUiSwNhQNGuk7QMjUknIVBKrIOqPNLZ6j_alO1xUQ6dcBsgK8k4_vhyEt1x-c2pcYY95CsEOEaUhXXZuHqYe5q7594SkI7ZhsE7CH_gj02uA_HNC1B5HXJO3H4Ok-XJOaQ0hsgjraVx9YZ0dw08_C1bK41-i01UDhhMiXU7BZsmSTHe2f1UJnuHOpdSEmtdswQ7Bt5mUpCbti9eXLYCTs-yQnwuHQ_QE0QtT1xhlYCg0zMmb1ISnDUWZB_JFjxvS_xPm-xWm3vBwP1uVLKG9O5a3eaEGMANxA7Mbz91rJ-s3rjWyCDxUD7vg7iLtwCoyMn6qnsshnboFxvK8w0nS3fcS8KHH__rbrOGq2AgzU91nwPoJiwlBEokk58scljWupMl5B5-OF6mcxJGeRjLdebs7nNB2EqDRdCzstZQV07shszavIm8_LjzOkQNZ6zOjEPlXSVuPvt7uTyt7MkReE-KzZfMGFm2BUWILN3508a-8mRVJ-sGCjksu4YGB2DXLf5amAA9yDGh5uxpyLO5htJ9jATu2lKaSchTAl6wIyQ4tCAhzUTflvRjvCl-baKBDsIgBa2pQ8UHd38XoM_2rU6lgWaa0TQPJ6QjUxTi3L6H7UKTqCreeWG0BkIAZoMv7O8xy2VHKhCeydIrVjVjD1GXf8Nu7NboaHbf3qreoZBy0Kqs0Wt9sZG3keIh4EXhPoKTmKPXjRY4ppcWSBbTMrgFocFAcFWgFZhm3Zg38bz4IHqS9kyNRS4vEk-XSRomJX84zsV6i5x9&sai=AMfl-YS2oIg8GqdbXlvLllCtQv527IN6gpQWyBXbKGybOPTJWezZ5c8LbfARL7yeX2mff6JYX_0M9RT5h4VTN8atPgj3NzthHzb3HrSAW0zCrwHYFs6R8AUJ9OQdLOWZDezAoBGO5ZqV8HwRR34FbPygXKzJJZDhzYFKWISZcS-6LUb_gkZLUvCy8B0bNNsZZvDq3-IlhwvqKM1mVA3uCGhIJmTdgasGqPorGg&sig=Cg0ArKJSzAG6aS4kVRilEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=644&vt=11&dtpt=416&dett=3&cstd=221&cisv=r20220817.48865&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
AVmanager.js
player.aniview.com/script/6.1/ Frame 1FF0
387 KB
110 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvPRuBEND1jFBl9kAWJxvZd0QG8dCVstteZx4Wh5Wi3L-FNsMEuS9dZ6dOlbe-YecKAV2qUr87_e1BobDIBq-i9PIoWq0pS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:46 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 610A
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
160348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FEE4
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ca65505b286d487a237c539377675dc527889bf168780da6eeb5bdc0194381f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5536
x-xss-protection
0
rtl-logo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/rtl-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c36ec54f79d9d21534b7bb97daffe7cfe6edbf9bfdc732edb9304c0c6c10f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 15:27:43 GMT
x-content-type-options
nosniff
age
489423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12977
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Aug 2023 15:27:43 GMT
bgImg1.jpg
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
39 KB
39 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/bgImg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524630206927a3b2f1705266961d384b8fe4af7cc12fa5c25c07d36f85a9c7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:56:12 GMT
x-content-type-options
nosniff
age
264514
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39920
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 05:56:12 GMT
txt_sprite.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/txt_sprite.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d87a78782eb26b298fa4ed9a14b1e0c2bc129eaf03f242c043b2c8236569959b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:49:46 GMT
x-content-type-options
nosniff
age
272100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20035
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 03:49:46 GMT
cta_01.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/cta_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76abccec2c944237f2ddf9c616cd1af51b878743605572aad81816f2eaea44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 09:21:45 GMT
x-content-type-options
nosniff
age
252181
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7139
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 09:21:45 GMT
cta_02.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/cta_02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561da8b731946433d34677a5c6b6e828319eee37399630e44b101179cc4f7155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:07:11 GMT
x-content-type-options
nosniff
age
285455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7015
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:07:11 GMT
logo_xoxo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
43 B
64 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/logo_xoxo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:24:46 GMT
gg_logo.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
35 KB
35 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/gg_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b07888df4f7d3237c8aea5ab2a297473830386801f5f991d870f0cb362a48c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:48:10 GMT
x-content-type-options
nosniff
age
282996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35578
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:48:10 GMT
logo_ende.png
s0.2mdn.net/sadbundle/10582317875274647811/ Frame FEE4
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10582317875274647811/logo_ende.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aaeca55203512f83f3bf33efb2628dec705778a4bf171b5da33b71047321160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10582317875274647811/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 16:24:26 GMT
x-content-type-options
nosniff
age
313220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5278
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:41:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 16:24:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C742
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6gboqKRTH2uD7l0a5sxH1i_bpvH3EHfeyQd7yxanNnIaZN9hXjnHUSyVin8SMsZBjmxpm1iHo4WTeRZxPwDjTRcnRE_oaO50JSrTUbI9IKzMMTJIdIbMrVuohN7UANhOFZO-NFGgSmrWRnifvRbjN-bz1Adifr_GLU2_-PK905Ip_VaG6gl6Io7q2MODQNtclp2VaP040jovXK8gGk901g2YcZkqAC10rwJMeCQfHyG9WY3lOKPwzN2E-S8ekY6sd64KSbsb7bHzXj-2J3EqF_sBMuxLS5D8haTwOSD8p71l5VvJDvNSsRjzr23o7PgVHYJNwLCruQmpPSqqEMHBtFOa7rQfIHa0&sai=AMfl-YQeIqsSkWH1hIb2lcWHi55Bnfep1SmgX3YSNqJ2GwlJTZnzv3fZnloxE4upG1nuacAvkHuj_uRGhGmSubVw4149XOILaNuE-T1MZ1f_UsTRizlUIsrtiT0TzfOXfzvcvj4&sig=Cg0ArKJSzI-gVQhmjOD2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 21 Aug 2022 07:24:46 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066692965&oz_l=564&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 8FD1
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?pYioNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FEE4
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 07:24:46 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=05d14662-ff8f-4857-ba1c-5e4356ac3c8f&rando=51&pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&e=inventory&vi=100&cb=1661066693101
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/
31 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.123greetings.com%2F&AV_CHANNELID=611edd025340b7439c55794f&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=611edd82ba4f701d4d14c7dc&AV_TEMPLATE=611eddbb0ab5df1de52e23a1&d36=6.2.41&responsive=1&sver=2&avtoken=693100&omv=1.0.1&clsid=05d14662-ff8f-4857-ba1c-5e4356ac3c8f&rando=51&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1661066693166
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-3-164.compute-1.amazonaws.com
Software
/
Resource Hash
de912f3064ba06f01709a1da0e94e34c554a405e13725a7a63cbcaf978ddf99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 09 Aug 2022 17:38:07 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame E8BC
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
160348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 10:52:18 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066693198&oz_l=2900&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame C4B1
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
52042
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 00:09:41 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
pL2TEpBVs1N7E31JHYUzmrEOiJRhh8_vwJKllus7Jefhp4xh2e9E2Q==
activeview
pagead2.googlesyndication.com/pcs/ Frame 9651
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGhGw_4g9nzGdHMtfQ4d0OQFq9V6537Mmis0fNW2o0LsbmX8q4bjVE8q4QyO8BTBbUZmtWx_rTEknmRqneX0Raef0&sig=Cg0ArKJSzBE7oOrqxO8vEAE&id=lidar2&mcvt=1009&p=208,970,458,1270&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2007386566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661066691868&rpt=347&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame C4B1
222 B
976 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e64c95d56e83616e955bba860b40bc00342e3cc49586bdb556e6199b5b6d9e3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
222
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
t15_9nd91ZGaUpZrKyGRsuQMW0C4cbUq8KwrwzymXEHN3ELZYAZTIQ==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
0FLjXSStm7_SMNIQQhm7sb1EQfHHnDzOmtyUTITS4thz4LD-2psaOg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
ax167BnsQn3PAKtxOyj2PO-68uBQxQAipHeTfICD1xlWgrtgYDal0A==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame C4B1
222 B
975 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e64c95d56e83616e955bba860b40bc00342e3cc49586bdb556e6199b5b6d9e3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
222
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Aug 2022 07:24:46 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
2eWWeetMgfxqLYwnLJEqbqlfoBiz_VsxaJjnPkPBKcefpDnxVGxPiA==
/
events1.avantisvideo.com/ Frame C4B1
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
/
events1.avantisvideo.com/ Frame C4B1
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D7A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYuI_vd0BY5nmE9Tl7_UPhtGnqAYAAAAAOAHgBAI&bg=!nJ-ln9vNAAYUOm8VNDo7ACkAdvg8WveTWYkQO7fYF9BQTnq6EmHwlNxnmLomiPzc4VU10ENlX87ENQIAAAFtUgAAAAFoAQcKAHRymqD3-aHuxBQEKa_qLbnDOJjqF78rJu-_mCHijAGFY1WVR_YJuBg-Pn91r9fBOsnO6pv3ReWreXWxuPY-Q4cj8nIxFrYQHYl2V0mP_scztDxnK5F2XrvN1MfYaJWh4novL9wxTudgmBGnpIW7bgw2Yc1eSpkDIdBcoAbUFw1heq_5_8WWcvozOhfWMV7o1eKOUvWzFeQWow6UWJ2RZQ9DC2aqNPcXrtcIiAChpRuvKfv3bk6P54IoNFnQCh8-AfuWKSpdKuLqa2I8Q3dlN8VhqyLui2tQjuOtw2Dza6MTPfnfMlXMapWXvzCbhYbpO__3OsjJU3ryuCDumEFuYWDaAcDT2AUO8BlFYnfodOOntrTBbhz30fqj1IuN5_mUzVhqO0zMTiTQbh2O908YEo0rioCSEdKshaAf7gZdulakH3rhxavubogUb6-UTpR6EO4wl6SIhM-2QmthVQEd28kzAOSODQu0lAHAPaiqvUFajIaYXFMslJ8o_P-w7zwU9oicHoSlVVFiGfqDwxHp1_viDinanH3_Gna7plNbTV4fqB-U0DkzFkEDgXz5GK8bf7Sq8Pm0lyERMMQTWV1cjNsa8y8UMRatMpO4t7Cun9o0KKdpDQEHM3Bv_bMEEwtq2w-ibmAxOABXWNjA6wx2yiF8o1TOd-PPP3X73QsPuar1X5xCFpI7lzV4e9aKuwDaFR6C0YJ76SMRBIUg1NzRJVEXANi5PO_MsjxQwuN1qQaDSzlhZZYENcRXie7m9Zh-XF39l9grxT3RLVSDY08ZVWo4RFGdxbhdbrguU_k6rrq68swvTeYd_-cNS5L0nxhjH_TQO7d53VuFMoIj0PKcFmriXNHmEObLqt6l0xWd8vIOfrgZkI2Cw7ajyaNS4nh2_uL6oIhFQgu3tbSYJbBmhLUDKhcLseyhP_ifORssYKFeijqxhPoOjbS2_Q1qXisLC6UOaA_Ko4ky5ngWVNmoOu617pBuWkg7sCS0mk-aQSr-SWtgWMTSDm2O-IFVoYaBs5KqL5HK0oB_VNOTRtLZp5vQTx0mKi3rZ9Ny1SvBGAcQx8B7bxMVgMvOPrgUHlQ_iOHvsVDrfVsvk0G8KxKv5HYPSgeqedETn7w4xi-c9lOlD_vgg53Z-EwzhdurY7KTb1GJyycDPWvH12pwOZE8TJh-jx-bOmijcdKCmedblJ-kzSfsAAuNdlki9wGD2zgsKUOy5zxFA8Hh9w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 96CA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9BFt6mwxuULlFCmqMrI8inL21vf3Qi1oy59rfPJpCUQlcgxI62fOhD8II4IZbsQkLWeZA2RYJNxdnteVWwCxq9-fcqB0qdqDm0hMi2WH-8Kuq-pTypLQQ8MklgNy_C-UExVsIvOdReKtZ-Q&sai=AMfl-YTgq6udge2ONkrwIj13Es6N_4Wn5rIZUee5Uu7z9EUDyNL4ZzuhnHGnvkzvHtxGYEZzgZ7cqvjmOAd2SJBeDvHZGSxZt6rIlB2WMBjLulWIxrXilGOeVehpw17AzniY&sig=Cg0ArKJSzCKXoeQ0jvJZEAE&cid=CAASKORohsaM-ZjJaB08CkZ7fOPqUns_046u7ObV5Hj1SVs2FYOUWQ4fn7o&id=lidar2&mcvt=1033&p=47,560,137,1288&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2032713241&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661066691833&rpt=614&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066693581&oz_l=6459&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
video-loader2.1-cr.js
cdn.avantisvideo.com/js/
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
52042
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date
Sun, 21 Aug 2022 00:09:41 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
KZbOhnYfw4BL4ZqEqxn_QhFgel5Gy6UGU-lMHSDi6kXHgHffIPkd4A==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/
3 KB
3 KB
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2F&eu=true&country=DE&hour=7&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
2771
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Aug 2022 07:24:47 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-amz-cf-id
C_UjITyR9-3dASALm_c9mcHQ4Wt_Gleqfz4Kz1xhgVQwKoy2U0VfXQ==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2F&eu=true&country=DE&hour=7&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sun, 21 Aug 2022 07:24:47 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id
2w8UAG8r4NB5ikdbXkgCxLv9yZ7Q52ifCy-QpqCCmAeLRDIG57XDVw==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=220171858650801&bg=!9vWl9bHNAAYUOm8VNDo7ACkAdvg8WnJxi5Eq5zN8Y3hJxuMd7u9z1xn5SiwS1fP3stMmU5qQ1DxUigIAAAHEUgAAAAZoAQcKAE4dXEe5vLpbs1eneDusGdkQIXn5GM_a26HLG7KVSvT2l2mL6eBeiFGFlSGBUdwVCFhAOtKDvvxj7CnIzlmu6NMoGblcgMYGHeKwo476WnqZAuvCEHTk_mstZMnbhOsHBSVlDoFQqAqgCvLGdT10a6fpgQxGLZxRiUXqNeRcFWZc9PQvO0widoaYvkL9Jj2tjIcnOmVGo0n3QIS9tjqcg6pk5-g-0Lu6EX-9EfuTc0o1WXn2pVM5Hl8vberMHEg6UHelAbmLW4tT91s4bOl_9I6u5eTdKFcku4C4P1b7Uz3Eba4Nv56nMpUUmRi8TJnGxDFNbGJ27jdd2qPis56Rzd-jNasgbygu4JgH8TuFbCkmOfsLvhE1e-Z89v5dzPQvNY8hDuz3aW8N9bZq5cLu-Tpk2L7xIIV2KTUTHdP6Uwk4DQQO00PpdYwSLABd_RTN__5tTduiEEkNjec-8CYYW3aOC7GwJxKmTdNq89CBjkLopGBcT9rzfBKwb6VvEWMhNHBTLOtTeHY6mSrECm2M9ZZYSeajBrcE_THoK5FGSXnCIZJAp9C664JvfAeSwqxZc2GHstigHxwppR_48pW0n2PzvLg4oxbn0sZGRt3nZ69K2gtbCrHPWki0H7Zoza-z2ybs068PSwgs5S76Q93A41s-pMBOdm9zMJjf6GZuu2dJ4L3Yyuq9aBxcfm5DCmSHa2AL-5PVJ8MPNi2B0dTW4EOJz-ZiVl3Bm1vme3CvCP0CTwhX7J--bIinZX7mE2ufS64RDCoZ4LFKPl_VNsHyfGO8BuSCU4Er_7Jd7lKFvGtkJfSD8MbzuANyDUMjZ2ccPA1vdq-tCxpA1whiyoYCNBxjsrQkqt0U7UUvmAKI0F2ZpocBCZlb8Frq4le958k6RVqtNcy_Jp66tuwmgK0zxQwO3w3u4qDUdyxVJtwW8JeszT2QdhxDSD7eUoPmgvmcXjliVSimuFqVJykkyfZvimiRVUeq7CGOXb6OwFlWqWjS1l8Ws91lYtxDae3EXJlLkdcmwrwsmcuJNmM5arYBvDemDquIwKWuFUy8ILrVYWKweTuqjjJcZJ2JBCCv8Pl389HfPtM-dYOZ6R3gLRg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

4157
www.123greetings.com/ads.pubmatic.com/AdServer/js/pwt/157512/ Frame 1FF0
0
0
Script
General
Full URL
https://www.123greetings.com/ads.pubmatic.com/AdServer/js/pwt/157512/4157
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:24:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Age
25
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=900
Connection
close
Vary
Accept-Encoding
Content-Length
3909
Expires
Sun, 21 Aug 2022 07:39:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 45A2
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68128
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 07:24:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5B5F
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 07:24:47 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
spotx-pixel.js
play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/ Frame 1FF0
417 B
1 KB
Script
General
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f0e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:24:47 GMT
X-GUploader-UploadID
ABg5-UwVSmezU40crSRrEIevUT62mLfqCPjmFnCp2eNDKPEusTes7nse16CjGy8ZlE2wBArf__pcp_qzWWZh3fAh_A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
417
Last-Modified
Sun, 26 Jul 2020 12:32:25 GMT
Server
UploadServer
ETag
"f70554e00ba53d6687836b60f833456e"
x-goog-hash
crc32c=bH2gjQ==
x-goog-generation
1595766745952958
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
417
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Sun, 21 Aug 2022 07:54:47 GMT
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1FF0
178 KB
54 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvZgRIjP_zIelaA7Qd1g7HiUpFR0g-chJF5oaDYPvMEf1YSybofZUrEc2MHFWWJBqU4p401BrNnbOxi4NEZxncbaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1FF0
73 KB
25 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtWwHjkNMWU3DmEnP9RVD8yIC0q60b_hr2ZRUUe0VZ5-acDUXN6glCZD8rNuEn3tovYivfIrENXNCcCZL_UpcPVm4vaj9c2
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"d5b1db6426eefd06f3020f82c67c78bb"
vary
Accept-Encoding
x-goog-hash
crc32c=ssQAQw==, md5=1bHbZCbu/QbzAg+Cxnx4uw==
x-goog-generation
1659879239877609
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1FF0
66 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu-j5veD7_mQzEVGI045aFDVVghiRN9sG41Q37MAI48fPQGMwKxQlftdNrldMaGV4D5w4xjEzRm6v9Huama8BZg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"02663a187046d2c733ab719bf1acb66d"
vary
Accept-Encoding
x-goog-hash
crc32c=hd0u7A==, md5=AmY6GHBG0sczq3Gb8ay2bQ==
x-goog-generation
1659879239908588
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1FF0
71 KB
22 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduoB-bpO1LGLjlAbVkSJv3t_Td5BgCoQEK9tqlkppDPPh1DYMRzYFEoG7r3Kf2ybJ1gkAreVOiWExuIh56tP0L1F_op0wPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1FF0
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu2pQdIwYOTUMYlPbLO-PJEtpyH9e-gX4isgV4NHKx9G6-hYYCQQS_rRPtM56D3jshaHJIdDUg7MXA74hp7eTrxDHbOH10n
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22756
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"4fc7c810f44e0d18dd22b52b209cc520"
vary
Accept-Encoding
x-goog-hash
crc32c=8/PGgw==, md5=T8fIEPRODRjdIrUrIJzFIA==
x-goog-generation
1659879239920996
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22756
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2C15
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 21 Aug 2022 06:36:03 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified
Mon, 15 Aug 2022 16:12:00 GMT
server
AmazonS3
age
2925
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
pz19Ngj0_Qv3SmaUDmLGtbISIn9yoB9O6kWGT_kDtZ1IKuO2PTmZjQ==
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45820&t=1661066686&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.41&cb=41067513293&d39=&d65=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=request&cb=1661066693825&asid=623daf9810ba54791c251d39%2C62e65d5c1b91c54f9f6c2269%2C62d52e7f6fcabb30a2154415%2C61769242e6ba0465685a0084%2C620290f4539a472cae35c509%2C62208fddf3f8cf0965576d95%2C62d933438c9fde22f24ffef4%2C62d66aa0fd33f968415df1d4%2C62fb59952fe54424d3351034%2C61f27d6798c38c4651179ae7%2C62c597a6b8d5cd2bb37d4304%2C62d92fa372c2f03c6176c9d5%2C61d566284039f6201a7b3bc7%2C62c6a0e0aedf2f2ee43ed1fe&ofpr=%2C%2C%2C2.38%2C1.48%2C%2C1%2C0.5%2C0.5%2C1.5%2C0.7%2C0.44%2C2.1%2C1.15&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
all
csm.eu.criteo.net/ Frame 6FC7
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qtKrJuuyQPKwcwoO-W13DCGRmKfFC9y6IKxJNkMUxFJ-emMeNq2tu3AUiOwK5AJuQL4vwCVXdDzPKU02DHyeoHccgVLU4m71SIOubZI-9_AziNhdkBVk9LxLkoK_o9iq7Dje4nb24OUgtEW37vmfL3flxjPeutAd56hGRzgzUvuInc4FHc61TCK9D0BskH8ZXhHd3r0FVznF8joq1HtCWNqmMa0w8mZEL8ApS6NusVaEldg7QkUQEBhGf_hHv09B9jFqfA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YwHdvAAKElUH_YaIAAlgJc7EMFk16Mn2OWeqNQ&u=%7CreGI%2B9NfCNPcLcvLPZGRAFs3rgn1fg1QNizddOp3Q2Q%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeEdGH5c9K0N4D2oraJlrYfYZ724EMA0JmeNTMrwqi6tV6Th2UIFJTSnwJa1jiQ-rHv0yVX9UgMiC0t5aqNcS-q93WL5rGH8JA-FvfQ2pzrhx4YA_X52V-fX_syCA1JACjhovqFjQJw0tzfTiTrIBT-EMaK-THGyJ_LDrdxCYMejaDQMSIabMM2ogLLSkCd7zAJvJpvTH-ziJzYiTuiEbgpOR2DnLCJD9FbCGMfJXxwfdM6FDnYw3lPqSok-sdW0IBesX-hXroPlJXpGoNc2dd2CBe3MubhH2aIHFSOgBldCtR7tn8xwz_lLIV55LCZ6y6EN8UHdjGYNi7WXe08zy5xMaJQ4g3jDlKVbizUna2olY68-rYZAAZ0WFAPt8MP5zFP2Hvwl4z8WFmN4SjgVI0OM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTwIrvN0BY9WkKIiN9u8PpcCl-AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIAtgNRItewPuACAKgDAaoE7QFP0DMwru6NNCEM_5138MInIA2Y9uik1uiXbnCrLZdNvPm3jLws7oT7oZMCeHN6v5QPfESi4P8fZxlb5fufJID0yTqcYinRU2ZFetlYVWH4GfCRkK8HhTgpSAGFw2tKRQ1-iBycgBOoqr7Hu2pw1E1_S--uu3zfhh_cPVogF4A_QU_DdiS2b7WRr0v7IuNMEa63TaUGQhvUXKEvbHYgZxfUFQx4v2Cz8-MXRJrPWGekrJUNN766YsJjRj3409d_4s3KgXXEQC37v5yom6gUWdY2H2XhCJZTonS9h1qNcDIzDjMER7977KWcnqQiOOXgBAGABou-jN3ArpPa2gGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tKAoxsQ9d8aGihi8qDFSepoZbyg%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:46 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 21 Aug 2022 07:24:47 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 21 Aug 2022 07:24:47 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 21 Aug 2022 07:24:47 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx2.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx2.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 21 Aug 2022 07:24:47 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/
0
411 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
317900
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/317900?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 Aug 2022 07:24:47 GMT
X-SpotX-Timing-Transform
0.000306
X-SpotX-Timing-SpotMarket
0.005846
X-SpotX-Timing-Page-Mux
0.000928
X-SpotX-Timing-Page-Require
0.000399
X-fe
056
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000037
X-SpotX-Timing-Page
0.014552
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000339
Last-Modified
Sun, 21 Aug 2022 07:24:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005846
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.006682
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
adx.adform.net/adx/
0
411 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
tlx.3lift.com/header/
19 B
510 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.123greetings.com%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.79.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-79-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/
0
119 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 21 Aug 2022 07:24:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
213 B
401 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e94deca6a46b7b322911872243c0d8dd5a74a070995eaef85068361ef5de0cdb

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/
0
412 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx2.adform.net/adx/
0
412 B
XHR
General
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
412 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
08405cdc715387f966885fe86a1bb0f5d33ea63a744d06c30945dd317991b7b6

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066693922&oz_l=1894&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
config
c.amazon-adsystem.com/cdn/prod/ Frame 2C15
0
0

bid
c.amazon-adsystem.com/e/dtb/ Frame 2C15
23 B
496 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.123greetings.com%2F&pid=K6oVivqkJMW2O&cb=0&ws=1600x1200&v=22.8.42053&t=8000&slots=%5B%7B%22id%22%3A%22SM_640_480%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C611eda6c0903a33c051dbc64%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
W3PSFTDHKV8TN5X26TV4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ffwdIqjtXVBSh7Z7luGKYe0tfPxxKj6DaGQOBzRDvKv_la38zIj4IQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2C15
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
8513
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
date
Sun, 21 Aug 2022 05:02:55 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
3XzYM_sZ1zxpsA02g3eIURWr77ZCAGR91ir1LFOz3pr3USlO9vr4Uw==
PugMaster
image6.pubmatic.com/AdServer/ Frame 45A2
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4167106&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:46 GMT
content-length
0
gtm.js
www.googletagmanager.com/ Frame 1FF0
94 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: play.selectmedia.asia
URL: https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
231ab75ecfda714472005f50d626717fbf2279612718522a6fbf6da72fe29014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37383
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Aug 2022 07:24:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B57A
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a49f16daf8bec665b03dd83151138a5b65f7d12d0f0d65732cde4f71929a7ad

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e1a18c38299180-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 07:24:47 GMT
dropped-udsids
241|230|39|73|152|191|156|90
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B29%2FR0j%2FLSEgyHXXUz6zHsEJAuh1r%2B1qQqXzHdKCqYSCZG4uHxzADAMCnq6SeOzDNUZ12NUx3vSQaBsgZSlnUfVOr9pU27G5wrpEaXkci%2BCh9btbP5XGlprUkPux5dCYBLpXMRhNckLxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=5618673c-2122-11ed-a411-11482f420106
0
589 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=5618673c-2122-11ed-a411-11482f420106
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 21 Aug 2022 07:24:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
122
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 21 Aug 2022 07:24:47 GMT
Server
nginx
Location
/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=5618673c-2122-11ed-a411-11482f420106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
0
3.ef52796c7477ec4eb321-video-loader2.1-cr.js
cdn.avantisvideo.com/js/
22 KB
8 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/3.ef52796c7477ec4eb321-video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 18:05:51 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
age
47937
etag
W/"97f2ecd515fcc6a9d26763251ef08b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
6v8pusNP91qhc6WfOs2Z_DMNTyQxoq0Q
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
l8_C1TC2XR1ceW0KPoMwpZGzIma-eXrr_8gKosDCOU9wH6rKjE2O7A==
dcm
s.amazon-adsystem.com/ Frame B57A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6951T3BKMEKNPN9QDRQF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BJPC586D9XMAXFYTN0BS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B57A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B57A
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B57A
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e5d2:c58:d552:4f0b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame B57A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ad8578e5-3978-4943-9f8d-869cf1e0faed
43 B
916 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ad8578e5-3978-4943-9f8d-869cf1e0faed
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a18f9cc3917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnoOfs0p24FIeZ%2F0HC%2Fi25Jhl2COp0ASxh5Rf%2FG%2FUezQNzJ6LgVjFwcmqNK59lXwBzbxaMnEXg3S3PRxTpsOKdxxCtFuP3gXSs6FCNKLJ%2Bk7yJW%2BAFjcAmdzZhaC%2BPpXHz5g3LEvv9GfZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:47 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ad8578e5-3978-4943-9f8d-869cf1e0faed
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B57A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3d35da27-919b-68eb-8992f18f
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3d35da27-919b-68eb-8992f18f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a18dda57917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWKZLs6aZxSkji7GKHSZtgfJqhm1TipsuXOWUIIhDzWN5LNoTytiMlCxbjFVArZBLeULg7Tyi6jws6MqIdbSXust5hD%2F6sZ7Pevki7qQfkZtEfUUnBwpzb%2BImSh81BhiDqc%2Fd6EM2kkXqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 21 Aug 2022 07:24:47 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3d35da27-919b-68eb-8992f18f
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
cookiesync
bttrack.com/pixel/ Frame B57A
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:39 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
no_match_opted_out
um.simpli.fi/ Frame B57A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B
Image
General
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:47 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 21 Aug 2022 07:24:47 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 20 Aug 2022 07:24:47 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B57A
43 B
425 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwHdvduxuzzLFK8kCC-6MgAA%265125
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
cf-cache-status
HIT
age
264
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73e1a18d2fa12373-ZRH
expires
Sun, 21 Aug 2022 11:24:47 GMT
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/
2 B
476 B
Script
General
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.ef52796c7477ec4eb321-video-loader2.1-cr.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
x-guploader-uploadid
ABg5-UzoGnLBMGCHS6j7VTsUr7AZ5zBWHdzdjjYVYSRMqe-BYHEVKNeKmDso6U2X_8wPYdYApM7JF1x02zrA-K1QJ3UxKuTJQg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 21 Aug 2022 07:54:47 GMT
aniview.js
player.aniview.com/script/6.1/
28 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvuJIIgc9Dgx7RuQohSJiVYVkb4Uml9xYuy4Zge4W20jJEd2IPlBpudefKVCmHnPS8J3Ux0WvapjrnDEL2zWF1B
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9902
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"a4209a7b3572c977ba0c2af22d901936"
vary
Accept-Encoding
x-goog-hash
crc32c=aQ+pWw==, md5=pCCaezVyyXe6DCryLZAZNg==
x-goog-generation
1659879239099872
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9902
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame EC95
387 KB
110 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvPRuBEND1jFBl9kAWJxvZd0QG8dCVstteZx4Wh5Wi3L-FNsMEuS9dZ6dOlbe-YecKAV2qUr87_e1BobDIBq-i9PIoWq0pS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=fbb5ead8-2d62-4402-b75d-72605260189b&rando=39&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=0&cb=1661066694473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/
32 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.41&responsive=1&sver=2&avtoken=694472&omv=1.0.1&clsid=fbb5ead8-2d62-4402-b75d-72605260189b&rando=39&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1661066694497&AV_C_USER_ID=1661066686835-942884431016-005728-010-002488
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-3-164.compute-1.amazonaws.com
Software
/
Resource Hash
c316ddd378b6594e5dc032b228c4e7d91adb7f5774afc99f81297ac7f6c5c394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 09 Aug 2022 17:38:07 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 7157
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=55&key=5767656312680619575
0
215 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=55&key=5767656312680619575
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-49-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT

Redirect headers

AN-X-Request-Uuid
7f820206-1baf-42d8-a417-c2cc78fd2579
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Aug 2022 07:24:48 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=55&key=5767656312680619575
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
pixel
ap.lijit.com/ Frame 4A81
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:48 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 9C8B
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sun, 21 Aug 2022 07:24:48 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
services
sync.technoratimedia.com/ Frame B52B
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1661066686835-942884431016-005728-010-002488&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.123greetings.com/
age
0
date
Sun, 21 Aug 2022 07:24:48 GMT
server
nginx
via
1.1 varnish
x-varnish
688450412
cookiesyncendpoint
sync.aniview.com/ Frame 5395
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=200&key=OPTOUT
0
200 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-49-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 Aug 2022 07:24:48 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=200&key=OPTOUT
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 3A76
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661066686835-942884431016-005728-010-002488%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=56&pid=59c9148628a0612da3689288&key=3843a3ab-7937-4484-9d7d-8e19fe29a77b
0
240 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=56&pid=59c9148628a0612da3689288&key=3843a3ab-7937-4484-9d7d-8e19fe29a77b
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-49-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73e1a1902be32373-ZRH
content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661066686835-942884431016-005728-010-002488&biddername=56&pid=59c9148628a0612da3689288&key=3843a3ab-7937-4484-9d7d-8e19fe29a77b
server
cloudflare
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame EC95
178 KB
54 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvZgRIjP_zIelaA7Qd1g7HiUpFR0g-chJF5oaDYPvMEf1YSybofZUrEc2MHFWWJBqU4p401BrNnbOxi4NEZxncbaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame EC95
73 KB
25 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtWwHjkNMWU3DmEnP9RVD8yIC0q60b_hr2ZRUUe0VZ5-acDUXN6glCZD8rNuEn3tovYivfIrENXNCcCZL_UpcPVm4vaj9c2
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"d5b1db6426eefd06f3020f82c67c78bb"
vary
Accept-Encoding
x-goog-hash
crc32c=ssQAQw==, md5=1bHbZCbu/QbzAg+Cxnx4uw==
x-goog-generation
1659879239877609
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:47 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame EC95
71 KB
22 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduoB-bpO1LGLjlAbVkSJv3t_Td5BgCoQEK9tqlkppDPPh1DYMRzYFEoG7r3Kf2ybJ1gkAreVOiWExuIh56tP0L1F_op0wPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:48 GMT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame EC95
66 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f700:2b6::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu-j5veD7_mQzEVGI045aFDVVghiRN9sG41Q37MAI48fPQGMwKxQlftdNrldMaGV4D5w4xjEzRm6v9Huama8BZg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"02663a187046d2c733ab719bf1acb66d"
vary
Accept-Encoding
x-goog-hash
crc32c=hd0u7A==, md5=AmY6GHBG0sczq3Gb8ay2bQ==
x-goog-generation
1659879239908588
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Aug 2022 07:29:48 GMT
adServe.do
web.ssp.yahoo.com/admax/
240 B
546 B
Fetch
General
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=338&wd=600&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=1066694681&imp_id=10741e64-3288-4f23-bf2d-f344937cf3a9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:48 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
ib.adnxs.com/
85 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F&us_privacy=1---&cbb=1066694684&imp_id=10741e64-3288-4f23-bf2d-f344937cf3a9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:48 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2caedd67-da17-4060-87e5-590ce0871eb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=92541&t=1661066687&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=73296296372&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1661066694685&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62d3f4e0d8665b0ec66c9327%2C62b86e392f65d47a516f6f3b%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.2%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=92541&t=1661066687&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=73296296372&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1661066694685&asid=62b1a8beecf705053613baa5%2C6250243f0f4db040a1785fc9%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526%2C628e3b5996c9f44c030284f5&ofpr=%2C5%2C%2C4%2C3&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT
server
ATS/9.1.10.25
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 21 Aug 2022 07:24:48 GMT
server
ATS/9.1.10.25
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/
55 B
421 B
XHR
General
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=2a79462c-f414-4e21-bea4-fcb3b5f6a374&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2F&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:83d:24f9:e3b2:edf4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
92a93590a4ea94d8a1b9e250ee5dd38a38ccf565b8f401effb78b2ce264d573f

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
110 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 21 Aug 2022 07:24:48 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/
187 B
412 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
78b9728de142d4b8ce613e77df99be4497ca0927b82b4e78886d54933cc246d7

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
cygnus
htlb.casalemedia.com/
36 B
645 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22791900a22c991e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2281453237ab4962%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3821be979f9ff3bfd09ba98a899b9dd431c856ca974b5c3d0d8898b811fafd08

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrZKZCfrO7s7mWZE8Kc3OqKLFllsKOZ%2F2ssGxh4egkJQVqtXC2T8VxmPU%2BKq2HpghGeQuYyWLngXN58JHkglOgh%2Ft4Y%2BQLifel8vDBI%2Bby4TgKGAtq3mbfgX%2Fttlp6xAMQ7Emtjf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73e1a190ad3d9a41-FRA
expires
0
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.123greetings.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
410 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
160c5661a961f3a7981e109ed8f7a88162e1829a88d98b5caf4794ebc2a24995

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c530c99aa0f34e12903800fa2574f963feff0f80f4273e56d634284eab19b19e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:48 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
44c72439-50d6-4bd1-b9e6-73c7bfef79eb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
413 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c05d59025bff8b8aec52934b705952ff5206db9f298b360b49e49fd520a59646

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 07:24:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 21 Aug 2022 07:24:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
19 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Sun, 21 Aug 2022 07:24:48 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45820&t=1661066686&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.41&cb=41067513293&d39=&d65=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=bid&cb=1661066694787&asid=623daf9810ba54791c251d39%2C62e65d5c1b91c54f9f6c2269%2C62d52e7f6fcabb30a2154415&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=92541&t=1661066687&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=73296296372&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1661066695279&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=92541&t=1661066687&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=73296296372&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1661066695279&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA97
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157512
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68127
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 07:24:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5353
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661066694025
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 5B71
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 07:24:48 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9ED9
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 Aug 2022 07:24:48 GMT
usync.js
eus.rubiconproject.com/ Frame 5B71
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 07:24:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32987
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Sun, 21 Aug 2022 16:34:35 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5B71
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
async_usersync.html
acdn.adnxs.com/dmp/ Frame F3DB
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
9399
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 07:24:49 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 129447
X-Served-By
cache-lga21925-LGA, cache-hhn4074-HHN
X-Timer
S1661066689.134903,VS0,VE0
/
onetag-sys.com/usync/ Frame 457E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661066694821
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 720B
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68126
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 07:24:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0C0E
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 07:24:49 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 7846
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd17cfbbad41166dab6b0c6834759414d56f6abddeb1ef97f67c55736f1ffe1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e1a1971d2f9972-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 07:24:49 GMT
dropped-udsids
46|3|130|206|11|17|65|13
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXayLs3F40jad2Q1Ev06qIOH8xaVkJ1bEVYvjze5BjIE7j4GWtpIAifZiuLLztatQizhLqHs0dRKsTPdhSE%2BN1U1dTKXptlMs1HAr8ZZ3ToWzfuW5gaH6P9Am1P29R7E9lhA4R5cWPMaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
async_usersync
ib.adnxs.com/ Frame F3DB
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:49 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
428e1e0d-8e72-4fdd-8151-f1ccdfca5096
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
secure.adnxs.com/ Frame 7846
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 7846
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=de746301-ddc1-4300-be28-eb1dadf32822&gdpr=1&gdpr_consent=
43 B
909 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=de746301-ddc1-4300-be28-eb1dadf32822&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a19c5e37917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnZfV8elEDyGnhFz8wodDzjQb6GWIzpRyeDFAM9vUcBSwHz2N92C8Kl%2BjMh9ikscZLdYr4keqby4hp4ra43F6v1BcczW4fqXGCHd3aqXl%2FFHJeMFeas69FqeHQbOI1%2BV9QbV0Uw0zYCWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sun, 21 Aug 2022 07:24:49 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=de746301-ddc1-4300-be28-eb1dadf32822&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Aug 2022 07:24:48 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 7846
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.152.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:49 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 7846
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwHdvduxuzzLFK8kCC_6MgAAFAUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:49 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 7846
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=09f6f17f-9f18-49ef-a57b-098c81dac323
43 B
909 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=09f6f17f-9f18-49ef-a57b-098c81dac323
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a197dfe9917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3PFxOQjI0F0FbFO0LjRIypro3E4q9JO8%2Bd285dlMK%2BYI8I7s%2FVx2d0jzllAAV5ytC4Tp8aNpgmH5cGRzx0Jtp%2BDyKq8qVKuRxQbCJRwlgUnjnffXanN9gpfLM0WfqP0A832BvIrT8gfig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=09f6f17f-9f18-49ef-a57b-098c81dac323
date
Sun, 21 Aug 2022 07:24:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 7846
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
921 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a19a7ba6917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P0%2BZ0ef7FsGB6Wt2okCgANvLIwyn%2B%2BZ%2B%2B%2Bwu2NB2Awr6chWp5nD0bB8rNivHMDVpcOrhVbSGlKEl3shf6SFgCIgdNExzJPl7%2BSuLWFQPZ1%2B7XRNgyjiPrB%2Bm7STdufkXX%2FvHwkJ%2FTcL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame 7846
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661153089&gdpr=1
43 B
950 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661153089&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a1990b3d9060-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHHV6%2B9eFA1uAEG1Hr8hnj%2FTreGEveeyRfiGzt3HYSbX100L3T5aGEWwIQhuHXU2Ww%2BqkJpG0MVnx7L%2BNRUaY0uNF9yQP5MK1jyRMIZxM6DO2yB%2FCzHIzYEKA%2BtC2Gaxb1FlEfkw"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661153089&gdpr=1
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 7846
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
907 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e1a198183d917c-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fV3AZD9PR4IGtBP4dNgSGwgyVgWAjjJ0rVJ86h70br6wpt8eG6IFhXKy6SEuwE9b7x9nX%2FyR7z6POFIDl%2F6sJ5cDVWCoR1pJnB0OSsVY3l52xwrHnPsetJJyc2gAMcHwQxgcdfmziWISjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sun, 21 Aug 2022 07:24:49 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7846
43 B
154 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwHdvduxuzzLFK8kCC-6MgAA%265125
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:24:49 GMT
cf-cache-status
HIT
age
266
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73e1a1977cd72373-ZRH
expires
Sun, 21 Aug 2022 11:24:49 GMT
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066696685&oz_l=106&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame F3DB
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 07:24:50 GMT
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5193198c-71cc-4a4c-a8f0-6f318a2824cb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=05d14662-ff8f-4857-ba1c-5e4356ac3c8f&rando=51
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
93 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=92541&t=1661066687&cip=146.70.117.78&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1661066686835-942884431016-005728-010-002488&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=73296296372&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-163-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 07:24:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
postback
s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.66.1/945541/AXaNcZoAEeRgKsMT/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXaNcZoAEeRgKsMT&oz_sc=6c36ed7dd8b6f37c84579a8d&oz_df=1661066699874&oz_l=327&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Aug 2022 07:24:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef

Verdicts & Comments Add Verdict or Comment

438 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getCookieVal number| isMobile string| HUMANScriptURI object| hmn_script object| dataLayer function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y function| HP_init function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n string| cat_q1 string| sub_cat_q1 object| params object| adsbygoogle function| gtag object| timer object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| jQuery18202948721346682095 function| onYouTubeIframeAPIReady object| gaGlobal object| config_data object| gaplugins object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| ozoki_sv object| $$$ string| saved_tc string| saved_sc string| ________ok object| google_llp object| GoogleGcLKhOms boolean| isHuman number| google_lpabyc object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| miCallback object| aniplayerPos number| sm_AV611edd82ba4f701d4d14c7dc function| avPlayer object| storageAni number| offset number| end boolean| isopen boolean| flag object| boxFunc object| avntsWebpackJsonp number| avnts_player object| avntsQ

32 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: _ga_47Q5QDHYDP
Value: GS1.1.1661066691.1.0.1661066691.0.0.0
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=0
.123greetings.com/ Name: _ga
Value: GA1.2.993154516.1661066691
.123greetings.com/ Name: _gid
Value: GA1.2.1194358351.1661066691
.123greetings.com/ Name: _gat_gtag_UA_5085183_1
Value: 1
.trkn.us/ Name: barometric[cuid]
Value: cuid_af98880c-bd0a-4f42-9580-46b3ca35f68d
.123greetings.com/ Name: __gads
Value: ID=d1d383b991618fe9-225f2c01fecd0056:T=1661066684:S=ALNI_MYV5Q6g6LSmfD3Dmi-lAAvPujwp-Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkfD-LSzVPDxn2f9QjGou7yEiv4j0OSfZibFxa22VgM2aAw6zvp72W-5YhNedE
.casalemedia.com/ Name: CMID
Value: YwHdvduxuzzLFK8kCC-6MgAA
.casalemedia.com/ Name: CMPS
Value: 5125
.casalemedia.com/ Name: CMPRO
Value: 5125
.adnxs.com/ Name: uuid2
Value: 5767656312680619575
.123greetings.com/ Name: cnFbAtkn
Value:
www.123greetings.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.spotxchange.com/ Name: audience
Value: 56186702-2122-11ed-a411-11482f420106
.simpli.fi/ Name: suid
Value: 9F4ECAA6F1C04E71A11A74CD1B88C8F1
.yahoo.com/ Name: A3
Value: d=AQABBL_dAWMCEIL9rGX3QQ0e1eQRQ_YwtncFEgEBAQEvA2MLYwAAAAAA_eMAAA&S=AQAAAgMWXSVmcScclgYfg9jFI3U
.brand-display.com/ Name: _knxq_
Value: 3d35da27-919b-68eb-8992f18f.1661066687.0.1661066687.1661066687
.csync.loopme.me/ Name: viewer_token
Value: 3843a3ab-7937-4484-9d7d-8e19fe29a77b
.adnxs.com/ Name: anj
Value: dTM7k!M4.FCxrEQF']wIg2In=BQk[.NRp<XYBa4v`-rvseD1W-044)d+]Uf$Gd[2x*DKfA*mt.OAFXG/Dh>D_2CoBFv`BDmP(hw9P-HC_#tt$b*yswn
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.adnxs.com/ Name: icu
Value: ChgIoNZ3EAoYASABKAEwwLuHmAY4AUABSAEQwLuHmAYYAA..
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.aniview.com/ Name: 2_C_55
Value: 5767656312680619575
sync.aniview.com/ Name: 2_C_55
Value: 5767656312680619575
.aniview.com/ Name: 2_C_56
Value: 3843a3ab-7937-4484-9d7d-8e19fe29a77b
sync.aniview.com/ Name: 2_C_56
Value: 3843a3ab-7937-4484-9d7d-8e19fe29a77b
.casalemedia.com/ Name: CMST
Value: YwHdv2MB3cEA
.casalemedia.com/ Name: CMRUM3
Value: 5a6301ddbf05a0&036301ddc105a0&116301ddc105a0&2d6301ddbe05a0CAESEAs0NHroBgeg0Z_05CJbpeE&416301ddc105a0&0d6301ddc105a0&2e6301ddc105a0&276301ddbf0b40&f16301ddbf05a0&826301ddc1a8c0&0b6301ddc105a0&e66301ddbf2760&ce6301ddc105a0&496301ddbf05a0&bf6301ddbf00013d35da27-919b-68eb-8992f18f&9c6301ddbf05a00&986301ddbf2760ad8578e5-3978-4943-9f8d-869cf1e0faed
.mathtag.com/ Name: uuid
Value: de746301-ddc1-4300-be28-eb1dadf32822
.casalemedia.com/ Name: CMTS
Value: 5157

11 Console Messages

Source Level URL
Text
worker error URL: blob:https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/aa81fa99-69ec-4b46-9e61-dd8d6eb73daa' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://s0.2mdn.net/sadbundle/10582317875274647811/logo_xoxo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.123greetings.com/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef' from origin 'https://www.123greetings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.123greetings.com/ads.pubmatic.com/AdServer/js/pwt/157512/4157
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

73812c2d6d31c0203eb1cdb06dd8a05f.safeframe.googlesyndication.com
acdn.adnxs.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
adx2.adform.net
ap.lijit.com
avm.avantisvideo.com
b1sync.zemanta.com
bttrack.com
c.123g.us
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.indexww.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
csync.loopme.me
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events1.avantisvideo.com
fonts.googleapis.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p4dt2-ha1hf.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
play.aniview.com
play.selectmedia.asia
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
region1.google-analytics.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.gk.123greetings.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.technoratimedia.com
tg1.selectmedia.asia
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
um.simpli.fi
ups.analytics.yahoo.com
web.hb.ad.cpe.dotomi.com
web.ssp.yahoo.com
www.123greetings.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.123g.us
c.amazon-adsystem.com
103.229.206.241
104.18.18.126
104.18.19.126
107.22.163.220
142.250.185.130
142.250.186.34
15.197.193.217
150.136.156.92
151.101.65.108
169.50.137.182
172.217.16.130
178.250.0.162
178.250.2.135
178.250.2.148
18.206.3.164
184.72.245.68
185.167.164.39
185.183.112.148
185.64.189.112
185.64.190.78
185.89.210.212
185.89.210.82
185.94.180.123
185.94.180.125
192.132.33.46
2001:4860:4802:32::36
213.19.147.45
216.52.2.30
23.35.236.201
23.47.209.6
2600:1f18:612b:4264:83d:24f9:e3b2:edf4
2600:9000:2250:f200:8:9ed9:9c40:93a1
2600:9000:225e:a00:3:748e:7940:93a1
2600:9000:2490:e000:1c:38a0:8a40:93a1
2606:4700::6811:190e
2606:4700::6812:c4c
2606:4700::6813:ad6c
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2006
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
2a02:26f0:f700:2b6::2c79
2a02:26f0:f700:4::212:4f0e
2a02:fa8:8806:16::1370
2a02:fa8:8806:20::2100
2a05:d018:d29:3605:e5d2:c58:d552:4f0b
3.126.56.137
3.68.18.37
3.70.79.214
34.111.151.213
34.248.176.243
34.95.81.168
35.157.246.167
35.169.163.246
35.172.49.77
37.157.4.24
44.224.187.254
51.89.9.254
52.207.17.235
52.222.209.55
52.30.152.75
52.46.128.147
64.74.236.63
69.173.144.165
76.223.111.18
8.238.176.252
8.249.63.252
92.123.9.160
02bb8af52e1418c054ac3895f57ebd2fbc4ca79f6f5af87b6385c1de8e53cf80
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08405cdc715387f966885fe86a1bb0f5d33ea63a744d06c30945dd317991b7b6
084c9d7671a09c4a159c12d67e63228be5af60b5c2f95e3ca0b944f1976e061d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aab059870f012f12f3e3fe550c62b6d8cef07be8d509a0ce69df144e7fdfe1c
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8
0b07888df4f7d3237c8aea5ab2a297473830386801f5f991d870f0cb362a48c7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0e07c16626af862f6f38c47e8bb5cce930547605fd936a2d8680c26cf15202bb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837
157dfebf8e7a3db46f0337555f331f4ac93c6e151849bb43a8670b06a4636205
160c5661a961f3a7981e109ed8f7a88162e1829a88d98b5caf4794ebc2a24995
1760708344a04220b5d0242c03f3dd26d57fda79aef73150511613a53001ca39
186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324
1a49f16daf8bec665b03dd83151138a5b65f7d12d0f0d65732cde4f71929a7ad
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24
1c68b30bbb7a44a8febef0ace1d7013259cb53fbeecc7e20b829621e5ff6ae87
1ca65505b286d487a237c539377675dc527889bf168780da6eeb5bdc0194381f
1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1f95ac04607c6e193e7e6a7cdc33c29681be7485f29f045c162170cd6cf09559
20dca3a9ce0f679deefb34c163ea6c46a19a98fbfa0ae2c88eb6cc5a56a5cf69
231ab75ecfda714472005f50d626717fbf2279612718522a6fbf6da72fe29014
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1
27d9538abaee92287d9a5e1dd5a4bf6d564b843baf6c7283888ca0cbdaa906a4
27e547b8c79e6ef670a24532ad9dd58f047ca71dfe2bce0d51265dcff7e1b5be
290ee4ab79924fa7ef563205b80ce42cbdc9481c1ab9c51ce9fcdce840887775
2aaeca55203512f83f3bf33efb2628dec705778a4bf171b5da33b71047321160
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36494c59d3029b193343976ead491e449bcf4734df8bac70636cb431a892a32f
3821be979f9ff3bfd09ba98a899b9dd431c856ca974b5c3d0d8898b811fafd08
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4
4345999f1e5314c7793e3c89d5f980456cbf650aed92b95ce864d461563f9f69
4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a409076ca2553d234ff017fd0d2dcae6105cb2d3c691e73cdd8847c5dc62239
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c36ec54f79d9d21534b7bb97daffe7cfe6edbf9bfdc732edb9304c0c6c10f06
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e8a52b27bad7da42a305a2e42aef96f6d9e745e0b98c01db9e08ae0c1901d8
524630206927a3b2f1705266961d384b8fe4af7cc12fa5c25c07d36f85a9c7af
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b55e0528c15bb370d3650ffa8e37ffada14d2a853d1c66baabc06e045c673c
561da8b731946433d34677a5c6b6e828319eee37399630e44b101179cc4f7155
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
5bd17cfbbad41166dab6b0c6834759414d56f6abddeb1ef97f67c55736f1ffe1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397
613e22e0123c50072fb03b1b0732b528ab91fb1a535ac862c5f04b494880f4c5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637e4f105c2c755fa2c0b09570c47881dc2d96a76b403925181cc9393ae9aa16
643a80e379c2b695aa7f163e2908c3486c94b172ec7fe7ebf8f37202365f8745
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c
6a4c2f02417925a87e6c21ec3280f3c76f0ddd13e0589991c0b482f44c127c6d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
712fbcbafa7c31afd31257609e96a088ac8ff42b95efd5d77f90d162bcda3367
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78b9728de142d4b8ce613e77df99be4497ca0927b82b4e78886d54933cc246d7
7912141e701d5851c8305309de2b4377dc69907bbd364f6cfbb08a09e810e85b
7a22c00595831c067c06703ddf439147a257d2375393492c60c917f739354191
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
7e64c95d56e83616e955bba860b40bc00342e3cc49586bdb556e6199b5b6d9e3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7
8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b
82a8e05a6d7d26aabeba6e670f2dc45c68f21473a3dd5e74936a7950dca1ebe2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
8864c5c66037d2ea7fe88a4a69b417854cd4f17f646ce7993a03214ff8b6467b
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a14b603fd903e6306ad80789aab46949ed7c2ff0c28876357ac63e0ca36c99e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
92a93590a4ea94d8a1b9e250ee5dd38a38ccf565b8f401effb78b2ce264d573f
93b0d27e8a6bab76a2c182cf70a26e9ee00ce4fdbe238be072ab85ad8c19d0a8
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9c1e8646441b2c3c6e3f77e0a3207c37c40db51b87176c4a71da787b400fb55c
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac
9fccf83fda6264ca3aae6c764489c92d25f864f971c870fc119d0f305f391910
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
aed64e0e4cd5853222d9dfaeded1a114c0c627458800f02e7d33038fa6403db4
af6cbd980a2580b24ae78dab56a17b20b0950067c60853887516f97d2239a983
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b9b65bf8e32682c44070056331110f36cd00b717998ded48625e0eacbb539266
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb68aae18ecd5bcf816bb98cf5bb19c7e9fd1431b1519f746a9fd3aeb5d57e0d
bf9e773145a5096340f32e0b66d0a136a1c8b57d9079213d07e7dfb5722f5f44
c05d59025bff8b8aec52934b705952ff5206db9f298b360b49e49fd520a59646
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c114fe96f7aeb39ef13475628183e721d354b0dabc4c99b6c054abc98cedf43a
c14368184dcd321d4c6d1d3b4e1a17d11596f15bb50fd2722e5676d5585c6431
c1ec82cd43eb750751f3c6b64f95a6e24d5abe51843556c013d7efb107040e71
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2d40f69f99dd63371d21b8791ac0bee15efc32b10ca10b0f0c13539f7cc975f
c316ddd378b6594e5dc032b228c4e7d91adb7f5774afc99f81297ac7f6c5c394
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c530c99aa0f34e12903800fa2574f963feff0f80f4273e56d634284eab19b19e
c76abccec2c944237f2ddf9c616cd1af51b878743605572aad81816f2eaea44c
c932c1107432f3d5fe7cc4a268e573b3cf9a9d1aa74275955f70d062ce8d19c3
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c97a27f86ff5cc6dd2ef5b1b54f8dabbb352c80a1492b62ce065cea220e6ac6d
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
ce274a250b562336590fcfb03562939790ceb0a0e4eba7eb0f31bcbb5d9974de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf48afd046f0203addfcb0c27ef42803b76a258a9292ab72e4f5176f4f4525fe
d224bbb4351c9087fad2a9b390f3574a5cc8d064c24d6df207bc52135de46129
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d296131da814e68033b8f973cd34aeaf058191c99e1a265b5569d6f7d0074aad
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca
d87a78782eb26b298fa4ed9a14b1e0c2bc129eaf03f242c043b2c8236569959b
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9ad3220a4c9916cc4a5abca1fbfe6cc5460d07245dbf36b20e403de09eb1691
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf7f9ef4ed95750fd2aa5ec5701effe42c77cf0524a8cd214e68c5f7ec9d972
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de912f3064ba06f01709a1da0e94e34c554a405e13725a7a63cbcaf978ddf99f
df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687
e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e879e91fc98fc8d066ae0943a2922c0667cd991928f67af6fb216c63200c1bb1
e94deca6a46b7b322911872243c0d8dd5a74a070995eaef85068361ef5de0cdb
eaf229d2bf27d6528b9fdbcb667a9dd96b90d12d0168473c889d13ef4657c3fa
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ed69c8c630a842efb44d3fa8c6fd799dfe1e34c0b5bd2c231548942aa1070c61
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eed112e8f6f3d519008a0bf85e3c3e5bc6d5f829bc5cac250847ac7524e1a3f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ba5e1b255053d409880374b1d1e76e52c337275c3171fe0f7f9b663526270
f02111c8349417ec273363ae9836f05d5e539625231a50d13dfb553ae4ec6e45
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fd65a5c92613b1a231f11a30003b9f924ecdfff113905a7dc9de99db6c595f18
ff693c26fe1f4e8155e7c306a627a58be5022867a638bece32c960770c0cfd2c