www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.jpada.com/cgi-bin/click.pl?cid=nl030656202202&lid=227976&uid=201134437?utm_source=img1&utm_medium=newslett...
Effective URL:
https://www.123greetings.com/events/sukkot/sukkot10.html
Submission: On June 26 via api (June 26th 2022, 3:25:19 pm UTC) from US — Scanned from DE

Summary HTTP 314 Redirects Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 38 domains to perform 314 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 248248.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.157.4.68 108.157.4.68	16509 (AMAZON-02) (AMAZON-02)
1 2	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
27	67.27.158.252 67.27.158.252	3356 (LEVEL3) (LEVEL3)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:ef:... 2a02:26f0:ef:285::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	67.27.159.124 67.27.159.124	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:401... 2a00:1450:4014:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
13	18.203.130.15 18.203.130.15	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	54.156.107.70 54.156.107.70	14618 (AMAZON-AES) (AMAZON-AES)
4	8.241.9.124 8.241.9.124	3356 (LEVEL3) (LEVEL3)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
33	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:c600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	52.216.16.123 52.216.16.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6805	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:215... 2600:9000:2156:e400:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:e00:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	52.36.72.203 52.36.72.203	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:d200:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	34.226.74.25 34.226.74.25	14618 (AMAZON-AES) (AMAZON-AES)
1	34.227.134.231 34.227.134.231	() ()
1	23.35.236.201 23.35.236.201	() ()
1	23.35.236.247 23.35.236.247	() ()
3	143.204.93.3 143.204.93.3	() ()
1	37.252.172.37 37.252.172.37	() ()
1	51.38.120.206 51.38.120.206	() ()
1	104.18.19.126 104.18.19.126	() ()
1	18.195.191.124 18.195.191.124	() ()
1	185.64.189.112 185.64.189.112	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	() ()
4	52.28.203.152 52.28.203.152	() ()
1	198.47.127.19 198.47.127.19	() ()
314	62

1 108.157.4.68 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-68.dus51.r.cloudfront.net

www.jpada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.72.245.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 67.27.158.252 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:ef:285::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 67.27.159.124 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80b::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.203.130.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

s.cccobh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.107.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-107-70.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.241.9.124 (United States)

ASN3356 (LEVEL3, US)

v.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.71 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.16.123 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6805 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:e400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:e00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.36.72.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-72-203.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:d200:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.226.74.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-74-25.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.134.231 (None, )

ASN- ()

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.93.3 (None, )

ASN- ()

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (None, )

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.191.124 (None, )

ASN- ()

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (None, )

ASN- ()

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (None, )

ASN- ()

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	criteo.net static.criteo.net — Cisco Umbrella Rank: 606 pix.eu.criteo.net — Cisco Umbrella Rank: 6881 csm.eu.criteo.net — Cisco Umbrella Rank: 7033	466 KB
50	123g.us c.123g.us — Cisco Umbrella Rank: 414097 i.123g.us — Cisco Umbrella Rank: 272656 x.123g.us — Cisco Umbrella Rank: 814574 v.123g.us	977 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com	340 KB
22	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	240 KB
16	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 19398 static.avantisvideo.com — Cisco Umbrella Rank: 19861 events1.avantisvideo.com — Cisco Umbrella Rank: 18287 cdn1.avantisvideo.com — Cisco Umbrella Rank: 22363 avm.avantisvideo.com — Cisco Umbrella Rank: 20027	135 KB
14	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 532 scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 12470	944 KB
13	cccobh.com s.cccobh.com — Cisco Umbrella Rank: 574683	55 KB
12	aniview.com player.aniview.com — Cisco Umbrella Rank: 1587 track1.aniview.com — Cisco Umbrella Rank: 1750 go1.aniview.com play.aniview.com	254 KB
12	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13468 ads.eu.criteo.com — Cisco Umbrella Rank: 7052 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10664 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8884	213 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	66 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	281 KB
6	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 96	49 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 162 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	74 KB
4	yahoo.com c2shb.pubgw.yahoo.com	216 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
4	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2896 log.pinterest.com — Cisco Umbrella Rank: 3751	20 KB
3	amazon-adsystem.com c.amazon-adsystem.com	42 KB
3	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com	6 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	15 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2733 www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2054	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	111 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 135 i1.ytimg.com — Cisco Umbrella Rank: 1337	8 KB
2	123greetings.com 1 redirects www.123greetings.com — Cisco Umbrella Rank: 248248	10 KB
1	dotomi.com web.hb.ad.cpe.dotomi.com	401 B
1	3lift.com tlx.3lift.com	510 B
1	casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com Failed	640 B
1	onetag-sys.com onetag-sys.com	367 B
1	adnxs.com ib.adnxs.com	834 B
1	indexww.com js-sec.indexww.com	2 KB
1	selectmedia.asia tg1.selectmedia.asia — Cisco Umbrella Rank: 25768	6 KB
1	amazonaws.com s3.amazonaws.com	413 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303	689 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	650 B
1	jpada.com 1 redirects www.jpada.com	621 B
314	38

	Domain	Requested by
33	static.criteo.net	ads.eu.criteo.com
26	c.123g.us	www.123greetings.com c.123g.us
24	pix.eu.criteo.net	ads.eu.criteo.com
19	i.123g.us	www.123greetings.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
13	s.cccobh.com	c.123g.us s.cccobh.com
11	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com securepubads.g.doubleclick.net
7	player.aniview.com	tg1.selectmedia.asia player.aniview.com cdn.avantisvideo.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
7	csm.eu.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net c.123g.us securepubads.g.doubleclick.net
6	www.facebook.com	2 redirects connect.facebook.net www.123greetings.com
5	events1.avantisvideo.com	www.123greetings.com
4	c2shb.pubgw.yahoo.com	player.aniview.com
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	cdnjs.cloudflare.com googleads.g.doubleclick.net
4	cat.nl.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	googleads.g.doubleclick.net
4	v.123g.us	www.123greetings.com
3	c.amazon-adsystem.com	player.aniview.com c.amazon-adsystem.com
3	track1.aniview.com	www.123greetings.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
3	trkn.us	1 redirects www.123greetings.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	assets.pinterest.com	www.123greetings.com assets.pinterest.com
2	static.avantisvideo.com	cdn.avantisvideo.com
2	m.exactag.com	ads.eu.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.123greetings.com www.googletagmanager.com
2	apis.google.com	www.123greetings.com apis.google.com
2	connect.facebook.net	www.123greetings.com connect.facebook.net
2	www.123greetings.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	web.hb.ad.cpe.dotomi.com	player.aniview.com
1	hbopenbid.pubmatic.com	player.aniview.com
1	tlx.3lift.com	player.aniview.com
1	htlb.casalemedia.com	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	ib.adnxs.com	player.aniview.com
1	js-sec.indexww.com	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	play.aniview.com	cdn.avantisvideo.com
1	go1.aniview.com	player.aniview.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	tg1.selectmedia.asia	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s3.amazonaws.com	c.123g.us
1	log.pinterest.com	www.123greetings.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	x.123g.us	c.123g.us
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i1.ytimg.com	www.123greetings.com
1	i.ytimg.com	www.123greetings.com
1	www.jpada.com	1 redirects
0	ssum-sec.casalemedia.com Failed	js-sec.indexww.com
314	67

This site contains no links.

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2022-03-01` - `2023-04-02`	a year	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2021-08-11` - `2022-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-04` - `2022-07-03`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cccobh.com R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2022-01-19` - `2023-02-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
wl.aniview.com R3	`2022-04-04` - `2022-07-03`	3 months	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.123greetings.com/events/sukkot/sukkot10.html
Frame ID: E09FE013B9B2A754F708343041092E64
Requests: 149 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Frame ID: 6F9660ED5E92F5930EFB73BA92F09944
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=90&slotname=1859592561&adk=3916771214&adf=3588316316&pi=t.ma~as.1859592561&w=728&lmt=1656257113&psa=0&format=728x90&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113330&bpp=4&bdt=550&idt=113&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MWNG7hAkno&p=https%3A//www.123greetings.com&dtd=127
Frame ID: E82BC50A276DFE719A78FD06817AF615
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=261372822&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113334&bpp=1&bdt=554&idt=128&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r0R0KT2SOq&p=https%3A//www.123greetings.com&dtd=131
Frame ID: 5D527E45494D01A9C331AADFD8B9DAC7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136
Frame ID: E07F599B07F183FE3DD0D7E285453D30
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149
Frame ID: 40EC66B5FE698C18620055D1B0B2A9F0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=2830808576&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=151&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8QPXyarfwh&p=https%3A//www.123greetings.com&dtd=155
Frame ID: C2F9EF615E37879882B1C9533BD7820D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=2042738649&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=157&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=VA4rlXO6IW&p=https%3A//www.123greetings.com&dtd=164
Frame ID: D4F9C24571B079847D1D8FC0C987CCD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=1019531656&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=167&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=WMTxXSVheH&p=https%3A//www.123greetings.com&dtd=169
Frame ID: 843C0EBCB4914179BCB63A288C5BF966
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1656257113&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113510&bpp=1&bdt=730&idt=1&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=13
Frame ID: CBBC703CC5DA1A1ECF5A6C684D2F07F4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb0f43341fb64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false
Frame ID: 405ECB87D35123C63CA4B76A26B2EF1B
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAHyrwKd6RmAArmn9ZErCkWFI-1qG59hg&u=%7CpLIzbtIv72e1bcnx%2Fr2YVqhrm8prZjK5F26qNIPEzNI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFUdxoq62UkqgBBORBZFh7WQ05-CM5yfyaQUBLdsORw4ujR9VqQVAvSnIUXIOr6U7J_RN0hiRerC0uTGw-Veetn_Cb9kHX4B6VjxmAy-6YflCneIDdTxckNbkiOb4k4lBuMSxQFdi9Xi9NLXDKqRSmgXchPvw8Id0nn_IfdUH_XsjZ-UypdYw6V8H7dvH81WYTkYcSbTo0kkkpPHvmd2TaCKNl8XSsBzFxvK56ZS8W-fKRif6IH2WeyW2uWYoOAIMy9mio3IgcirSuteWODFE6VLjOS_fRAHDqGJi-ccq6saWow0FJNwLjFOSAn0j-1fpQhCYOh9vzenpKpElhr4UJ8xEkCaOfZFoyXPVkkF9YbW-n9n8VpBxOR8Yag-uKaSwjjkY_r9IWelxdR1HkS-KchA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBlukWXq4YryVH-bI3gOfzauAA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTPAU_QO9h_Prevsk1LmB5j2fPq-D-UlLda2aSkjQ3Rs23yohp33xnYtxPqdrz4u1_U_oftBFVdIS6hxWcFMQY2erHzDc3kosJmzj39mwWZ2HLSohZ2Wul9vYsAOeaVyYQDOf1QsVmgel05uJpc5Ln8JI8JV0OQEE5ybKTXedTHBZzyDa33BzDc9JJ4luM-suxqSOtWEtMxlBU69N_q-a4xqyzJASMMUaw6jMtxNrWIFm2gZ10VrdQmYAgOULXd-qGLaDA1O8UEbbd4zQNc3K2_WoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2WUBGXn9f6wqRLDoTISKHgal9aXg%26client%3Dca-pub-4056521106463804%26adurl%3D
Frame ID: EFCE32B5921BC2F8CE56BADE3E8BD5ED
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH90wKGVoVAA3HmcZ7nu9pa0ZsDzzeWw&u=%7CpLIzbtIv72cM9Uv3oyjBei8BqN8tZg1kxRB756yr2%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-YzC4iRQ51iBWo2BAKoeFmnUHt5qbAvGg7h-OBH1ad4dV1kLZ1pDC9DK0eYOjMk-5hk3Y90epoRuT7iyNAPGqv1g6X-5IwjgqvGKKuVVEcWk4mRc2ieIGAt3gQ3HYMT0ZaotK01BBZfykpgBelmDay0I1qIDvUwuFmB3tYR0RA_O10RsO42P4QMMwTvdCv9l1toTzcH7nOO5iwPVg700B20LDIHs7w270GATB2r5pQXgKjFRFLeudHWn2ecgtVvrR4KTjVnnHJTc9mO4BAu-vK0TaGHSKhUmTz3xbKvdNgddrBVnTyIlIcQbCwcfHJfqOpiQUT18OEZtPnzasyAunHx75toKyo6p-x1nXvImDLYEf_Vl3S4R_QXzbt-HUQOn9A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3M5IWXq4YszuH5W0ZZmPt7gEyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9AdIELZymCtxY2bAKijSoIkcBCoqVtyXRQS4E41u5iaSIzZ7kPwQBWTLYHoIjc5yPAr05_4Gj3EKZQkZwwj1tahIL8A8eFvEJbsBB4eZAvaWFAST128DD8q1Zl8KmSUsdkL1g8ogB9nz5yBye9ihVr4bLKqyJnarQIffeNkAlBPwSLWoxVJqOErtmz5QgV1SKrWWuPZLCdQe-FIE5h5JVGTSPvS5lnSJNpGqZlCkBgzfbw7op6ypP__XF3VTLjz6bu9hi9NXoymZcocyQd_VYAGsJqfnOuR9LezAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3J7WTV-O2_0WG2oOQfS2KznOtqow%26client%3Dca-pub-4056521106463804%26adurl%3D
Frame ID: 7F511578BFFBE27637D55BEE721ED5DD
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH7z0KGa4aAAVC_gtFN2aPvKCpOb4K7Q&u=%7CpLIzbtIv72fjePshLxv15WIUQ9hdlof8NX5X1u0oKp8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbZ1qHheAZXdyvhzlQFyr2idlbJ_dqSDk4Fuh0jyOMZLaDUN0O5WjOFzTD7YkD5Kte5cMtftNFY-4W8xwATJAehU_C8y54lFj9X08NvgjjRX0UWVGK0gyNHCudv1yorMs2gkDTJolfr-mdr-cuew4NcD_cXbdPkY3gX1YCleSzxDgLFUyOMXcQlhqS-Q3rRojVKfFTh455CiBfvl9madKrrvreoXXxhd6kkoL-fD1rXqmKLoB_fZ3HnanxXQilEXfBByWgvhMHUz6-JRcAib7UNQ--Akkv7PxMkOAIR0ZsT6bWx52CP6cXOFWiTjanXCLS-eRZLqxUdpfvrtJpBk2LMoPm7CjY0A9xeW3guv6MZrpiDAviwcAHJjRFB93mRmwCjwhBAZteD-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFyiWXq4Yr3eH5rcZv6FlbAFyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9CQqKCa3xOXmyOnMRP6SqCEDzKDAbtUvPALdd16Yk-UC-KxsVZdtYcYxpsqWeMRp-8gZZWtFtdWEIZo2WRTYgIediQbBI_J5LuO_0uw8NU7sWXcGSEFkysLgm2zSl31VTmP5G4-08qEcfQN8i5leCCKnMeCpzEEBUnfgRUyntBF1ywrBQ3Z65J_CmI_VLxfTZ6Ku8lSVDB3jL1pZUi-r3_9laRk0CXe2yOhSbvRCUZ3qCWZVKRIuf2gidxGPd6cR3D-m9JLkfOeYynbxu6JTIAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EQSCjeANWVQJcy3U7B0M1OCkSTw%26client%3Dca-pub-4056521106463804%26adurl%3D
Frame ID: DBC7DC2C19571398ED9CDEE46F347536
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH-DoKwkw8AA0MVRwnLD7YWNFk9g0qKQ&u=%7CpLIzbtIv72feh9CmQ0bB4wsQsFVKDOu7Uj1cmOePKc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-bzgxjsQ17iZfKrBf6LGaZrEaittpFi5WlYfCtV7OOwCDTR0hIdK4y9oL4Dk026KWu79uzQKnCxrdQfKyg5ebUWWkx2k1Xtqeb6gKluNgfYYY8trcS-vVQ3e50TaKWWWoVJWI52KRi_8rcpDAl7LJmLotbDn7yjiZFg9H-yojYqKxhx6fIgLKKYEswtspM5odsd3VMCdmTH4O5bMGzmTJ_J8Pub6nUJ8A8qUgig9Wp275cRopo0s9eb7VORcUj4LprSURlcp6lk1jJdHhM8F-sLSSBuMZZ5PKytwpP81OdrWbhv5nCII3jsY7XoBZT9BVmhvGNNRp7vMgrsLzKNuSPwO4QbcbnrdwWPTe5lWUKZLx3UJblwrIBi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa0LYWXq4YrrwH7yYiQbVmLTwCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTWAU_QMxbS_27pME5mym6kvyNUVX0z7KOKi11Be2legvCPPi7nLux8jDxAUWksuubMEeMYtpyG2RWntuuXGQ0bWKf8HfikbjKyOCoWOl_4-BGmGAfWgH6QEbvQfY22KZ0h_7XHzYUDzGJS_lALfWa7ksTZwOzIUd-nCje0-CUBxkeaLb5-52_XaADay2Zv_1ImeMfT3Yl95KByLuM6ciz33-Q850--Ye-f7Nz0OP3UhlEbjHKQSxqgPchv9jLFMWowYkwQyOHBYP_sq3sW6CeEzHyH3TVWH76ABrCan5zrkfS3swGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a12cz7zRSrrtT5BzXFg3s6DLngg%26client%3Dca-pub-4056521106463804%26adurl%3D
Frame ID: 18F08D744FA6B42A9AC1952C5D48E397
Requests: 25 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b
Frame ID: 7E60CCFF31048BF2BE89A4DECC705C95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9DA224713F0BD6743D914D6331E14A4B
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 78F4923EBF0C41B5D6D8471DA8B9A5EC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: 377505996FB9699EADB5F9B7D7D3D0EE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600
Frame ID: D43815F64C69A7B0ED76E568B2F45277
Requests: 13 HTTP requests in this frame

Frame: https://b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81CA1A6FE16F695A7DBD655A514919D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22FA1F9B00CFC12EF67A0BB868D6BCBF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55542BD8D5E6FA6AED039F92C9DBE896
Requests: 2 HTTP requests in this frame

Frame: https://b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BDD613DED882C10B18D601CE69C75CE6
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 8B47BB53CBDAD40F9BCC0AC01954CE83
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Frame ID: 0BAFE0C0CF1D03F5872BA32CF1CD3741
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1656257118609-929619316165-005982-014-000369%26biddername%3D1%26key%3D
Frame ID: 5A2FF0B3AB521AA5134BCC2457F2B6C9
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 24E78CD9C81D8C6AA46089F67C8299C9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0457DF43CACA83FB6281AA73C05C662C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.jpada.com/cgi-bin/click.pl?cid=nl030656202202&lid=227976&uid=201134437?utm_source=img1... HTTP 302
https://www.123greetings.com/events/sukkot/sukkot10.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

314
Requests

96 %
HTTPS

56 %
IPv6

38
Domains

67
Subdomains

62
IPs

6
Countries

4434 kB
Transfer

11537 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.jpada.com/cgi-bin/click.pl?cid=nl030656202202&lid=227976&uid=201134437?utm_source=img1&utm_medium=newsletter&utm_campaign=Jun22_nl_wk4 HTTP 302
https://www.123greetings.com/events/sukkot/sukkot10.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.123greetings.com/usr-bin/view_sent.pl?type=VW&cardid=121029 HTTP 302
https://c.123g.us/images/zero.gif

Request Chain 165

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=146.70.117.70&cuidchk=1

Request Chain 228

https://www.facebook.com/v5.0/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600

Request Chain 320

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

314 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sukkot10.html Show response
www.123greetings.com/events/sukkot/
Redirect Chain

https://www.jpada.com/cgi-bin/click.pl?cid=nl030656202202&lid=227976&uid=201134437?utm_source=img1&utm_medium=newsletter&utm_campaign=Jun22_nl_wk4
https://www.123greetings.com/events/sukkot/sukkot10.html

39 KB
10 KB

749ms
418ms

Document
text/html

184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache /

Resource Hash

25e1f17f2825872b341284eddaaaccfad60e44b3ca986a7165769dfdcfd3c306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=900
Connection: close
Content-Encoding: gzip
Content-Length: 9458
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Jun 2022 15:25:12 GMT
Expires: Sun, 26 Jun 2022 15:40:12 GMT
Server: Apache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 319
content-type: text/html; charset=iso-8859-1
date: Sun, 26 Jun 2022 15:25:11 GMT
location: https://www.123greetings.com/events/sukkot/sukkot10.html
server: Apache/2.2.15 (CentOS)
vary: Origin
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-id: 4a-nhJLCqeIoxDzwjLZKx_MtoBBpVic_BhUZd4meU7g6uNc1fE5YwA==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK card_page_R1.css
c.123g.us/css/ 27 KB
6 KB 280ms
135ms Stylesheet
text/css 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/card_page_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 35276e401d27d1f4ceb5f451cd11b25ff453808d2152e338e07b4b25978f25a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 11:41:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Aug 2020 13:04:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1914237
ETag: "246af-6db9-5adb3565956c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6257
jake_test: Test_Pass

GET
H/1.1 200
OK chk_script.js Show response
c.123g.us/js2/ 912 B
913 B 224ms
13ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/chk_script.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b24a2cb5992e8786101b34359e5b00b71cb48f654cbe9d0eb74133a7e45a569d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 07:54:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 13:24:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1323054
ETag: "390-5db6f762bfb80"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 503
jake_test: Test_Pass
Expires: Wed, 22 Jun 2022 07:47:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 109ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5686d5665228ad8b8e3bd8cd3ea18d40b49ee326488bc1c21cb029eebec577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56630
x-xss-protection: 0
server: cafe
etag: 3710488519846325764
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 PinExt.png
assets.pinterest.com/images/ 936 B
1 KB 331ms
18ms Image
image/png 2a02:26f0:ef:285::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/PinExt.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:285::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 86400
x-cdn: akamai
etag: "61ed0472dfcbfaf25e7585f119adf76a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=61840
accept-ranges: bytes
content-length: 936
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK 348114_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 134ms
27ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/348114_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82dd4a981d9bdc00497c77c380ad77c848a6e5d0303ed1bb521a209a38c2380c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 08:54:21 GMT
Last-Modified: Wed, 22 Sep 2021 12:46:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 369052
ETag: "666-5cc94e59c38c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1638
Expires: Wed, 22 Jun 2022 09:09:21 GMT

GET
H/1.1 200
OK 340562_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 121ms
21ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/340562_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 172d39a0e72098c0900788ddc9dd241e7aad7babd36728b468a2d9e834ad1d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 08:02:30 GMT
Last-Modified: Wed, 09 Oct 2019 11:22:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1236163
ETag: "873-594787f7650c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2163
jake_test: Test_Pass
Expires: Sun, 12 Jun 2022 08:17:30 GMT

GET
H/1.1 200
OK 314587_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 806ms
709ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/314587_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9a84239c1204d9f210f089f6c450809de4995f4f29e2dbe8280455ec1f315ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:13 GMT
Last-Modified: Tue, 30 Sep 2014 12:59:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 0
ETag: "87e-50447f418ac00"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2174
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/_EMn_4vY3K8/ 3 KB
4 KB 156ms
82ms Image
image/jpeg 2a00:1450:4014:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_EMn_4vY3K8/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6fb84e11c6ef0e2eb33f845c6fbb8e7076f76b9baf0be4f64195b8c93ea955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3474
x-xss-protection: 0
server: sffe
etag: "1602368066"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 26 Jun 2022 17:25:13 GMT

GET
H/1.1 200
OK 124432_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 4 KB
4 KB 380ms
310ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/124432_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c75dc0181018edcb5f31db29b6b65bfd996043907ca84cd0d3604e42f3149c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:13 GMT
Last-Modified: Mon, 24 Feb 2014 08:31:37 GMT
Server: Apache/2.2.15 (CentOS)
Age: 0
ETag: "fbd-4f322ccc8ec40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4029
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 121016_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
4 KB 90ms
21ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121016_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8961bac40e3103c815ae9020416429332bb9a56b14f12fe5721fd54184400118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 19:26:44 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:32 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1540709
ETag: "d5e-51c9211bdaf00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3422
jake_test: Test_Pass
Expires: Wed, 08 Jun 2022 19:41:44 GMT

GET
H2 200 3.jpg
i1.ytimg.com/vi/EC4IVe61p-0/ 4 KB
5 KB 159ms
73ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/EC4IVe61p-0/3.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55abb13cc57f93a933ea0f3e5a5e1918c905685ee3a627498746fcfb05fc67db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4137
x-xss-protection: 0
server: sffe
etag: "1526713034"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 26 Jun 2022 17:25:13 GMT

GET
H/1.1 200
OK 121017_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 657ms
594ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121017_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: dc3bc858b071f656a2650f9399c3646b99b9ece4afa223bcaae86f762c512fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:13 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Footprint Distributor V6.1.1162
Age: 0
ETag: "c2b-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3115
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 121012_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 67ms
20ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121012_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b0dcfcdf9265f2b5fd584eaceb0b061430cb48808562bae32275176e2358e15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 08:02:06 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1236187
ETag: "a85-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2693
jake_test: Test_Pass
Expires: Sun, 12 Jun 2022 08:17:06 GMT

GET
H/1.1 200
OK 121029_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 26ms
24ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121029_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0c0bf8c97c0f2f0ba103d6d71694807b37ffa37de08e21ff56586e939b4ef3da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 17:03:24 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1981309
ETag: "b99-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2969
jake_test: Test_Pass
Expires: Fri, 03 Jun 2022 17:18:24 GMT

GET
H/1.1 200
OK 120988_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 20ms
19ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120988_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3ec8a31e13fcb12fc39c3ab5c20e1ce6198a681a113c0c02b0c23dad7ae382da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 13:45:00 GMT
Last-Modified: Fri, 19 Sep 2014 15:15:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1388413
ETag: "a2d-5036c932b6800"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2605
jake_test: Test_Pass
Expires: Fri, 10 Jun 2022 14:55:54 GMT

GET
H/1.1 200
OK 121015_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 27ms
25ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121015_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 73963f651883c39e1b16ff1f486dc3b7fd362c5f427df2adda0903fe1419674e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 07:30:22 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1238091
ETag: "a9e-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2718
jake_test: Test_Pass
Expires: Sun, 12 Jun 2022 08:17:30 GMT

GET
H/1.1 200
OK 120987_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 24ms
24ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120987_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bcd23839e51a3a9454c3b44775b2a70b545790777e1b85e09bdde3f9f992de58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 17:03:24 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:17 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1981309
ETag: "a13-51c9210d8cd40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2579
jake_test: Test_Pass
Expires: Sun, 12 Jun 2022 08:17:06 GMT

GET
H/1.1 200
OK 120989_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 77ms
76ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120989_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cead727c7f108bb8a4644fa6eae433352dfb0ffeb1fe194840b6ca82c0b6e701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 19:26:45 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1540708
ETag: "84e-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2126
jake_test: Test_Pass
Expires: Wed, 08 Jun 2022 19:41:45 GMT

GET
H/1.1 200
OK 335568_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 354ms
354ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/335568_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12fb8c8ed06c31e003e41850935bca35d10e58f2aa0bb936d97f504417afd1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 17:03:24 GMT
Last-Modified: Sat, 22 Sep 2018 05:55:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1981309
ETag: "bba-5766f65a03980"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3002
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 121013_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
4 KB 346ms
346ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121013_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 738db4924b849a16c3b0979e1562cda906374a9bc374cdb8a5b4df28734d76dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:13 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:24 GMT
Server: Footprint Distributor V6.1.1162
Age: 0
ETag: "d0d-51c9211439d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3341
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 124440_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 4 KB
4 KB 203ms
202ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/124440_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5769bdfa40b03530aa926e7c9797008cbe2d22391f3767caab9e97a95c019cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 20:08:06 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 69427
ETag: "f80-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3968
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 335552_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
3 KB 565ms
564ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/335552_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: bcc649e653b4fd96ff759065c7db898969e306c9c4c7ae3cbff8bc3091825f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:11 GMT
Last-Modified: Wed, 19 Sep 2018 13:16:24 GMT
Server: Footprint Distributor V6.1.1162
Age: 3
ETag: "943-57639368d5a00"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2371
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:14 GMT

GET
H/1.1 200
OK 121014_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 447ms
447ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121014_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5cfe6329a28119a02115058261d9103d3d94bb068133ff1fc574cca1b6f0656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:11 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 3
ETag: "c5a-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3162
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:14 GMT

GET
H/1.1

200
OK

zero.gif
c.123g.us/images/
Redirect Chain

https://www.123greetings.com/usr-bin/view_sent.pl?type=VW&cardid=121029
https://c.123g.us/images/zero.gif

49 B
382 B

22ms
22ms

Image
image/gif

67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/zero.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 09:35:19 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1316995
ETag: "31-54da7c7971dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
Expires: Sat, 11 Jun 2022 09:50:20 GMT

Redirect headers

Location: https://c.123g.us/images/zero.gif
Date: Sun, 26 Jun 2022 15:25:13 GMT
Server: Apache/2.2.15 (CentOS)
Connection: Close
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
92 KB 18ms
18ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 11:25:27 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 791986
ETag: "8047c-16f3a-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94010
jake_test: Test_Pass

GET
H/1.1 200
OK tab.js Show response
c.123g.us/js2/ 5 KB
3 KB 16ms
16ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/tab.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0fbf06f675663f1ec793289e8eaa4dcc4eb791f90e6311ed809b506e88f3a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:14:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1998669
ETag: "1586-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2897
jake_test: Test_Pass
Expires: Sat, 11 Jun 2022 17:20:59 GMT

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 21ms
21ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 12:27:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1133844
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Mon, 13 Jun 2022 12:42:49 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 28ms
28ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ab6d4b2d4f6660e0cc5106868e09a73e955c90a0dbec418cb63bae5a04a713b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 07:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Mar 2022 11:14:56 GMT
Server: Apache/2.2.15 (CentOS)
Age: 201607
ETag: "2c7d9-1ed4e-5da6823d26c00"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30673
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
22 KB 24ms
24ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 07:32:12 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 373981
ETag: "80468-57b2-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22450
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_cardpage.js Show response
c.123g.us/js2/ 42 KB
42 KB 18ms
17ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_cardpage.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 664837d2bb88ac17d1bc3d9c3e65cb23adf2ba6051d2c48dfe9c3dac555eb66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 19:29:51 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 849322
ETag: "80464-a777-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42871
jake_test: Test_Pass

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 19ms
19ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 20:54:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1449050
ETag: "d4c-57300e747f440"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass
Expires: Thu, 09 Jun 2022 21:09:23 GMT

GET
H/1.1 200
OK date.js Show response
c.123g.us/js2/calendar/ 3 KB
1 KB 18ms
18ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/date.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 31 May 2022 22:11:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2222042
ETag: "afa-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974
jake_test: Test_Pass
Expires: Tue, 31 May 2022 22:26:58 GMT

GET
H/1.1 200
OK jquery.datePicker.js Show response
c.123g.us/js2/calendar/ 15 KB
5 KB 17ms
17ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:24:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 547253
ETag: "3d65-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
jake_test: Test_Pass
Expires: Mon, 20 Jun 2022 07:39:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 73ms
23ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4be46c005a086ac494c5dbfcb1e6d7df03a317c1663072fa7636bea837e0b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sghMAD8Pj5N2FQiUlPsA5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: BtdUHiMKVt05r18jfJiMXQBupc9FZhKL1OjOxwWnFVhgxDQZWntCUgKObS1prAUA1k+bl7g1Z8g8Gfd65Ra9mg==
x-fb-trip-id: 1679558926
x-fb-content-md5: 4b5c290b6f290a564b8937578db80d98
x-frame-options: DENY
date: Sun, 26 Jun 2022 15:25:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e59a8ef8c00bc9dba85e4decf8937456"
timing-allow-origin: *
expires: Sun, 26 Jun 2022 15:34:30 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
20 KB 69ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0a8c8d899c3a0a28219d8d7668ef0256652eee1bb63b5d96ba52cd3e18f03c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sun, 26 Jun 2022 15:25:13 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a34ff92a9ec0825b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 329ms
16ms Script
application/javascript 2a02:26f0:ef:285::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:285::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=269
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 20 KB
7 KB 61ms
50ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:14:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 12:46:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2275827
ETag: "4ec6-5cbdfda4a4800"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6384
jake_test: Test_Pass
Expires: Tue, 31 May 2022 07:29:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 74ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a19eef0bcbdc0cf7bc226de1e966d894f60743a7b8ac36ac0dd3e0704bc86ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40759
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 81 KB
16 KB 25ms
24ms Stylesheet
text/css 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 05:59:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2022 05:14:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 638749
ETag: "2454c-14218-5df6a8f0bdcc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16272
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 110ms
89ms Stylesheet
text/css 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 11:40:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1309497
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Sat, 11 Jun 2022 11:55:23 GMT

GET
H/1.1 200
OK clear.js Show response
s.cccobh.com/ag/945541/ 6 KB
3 KB 185ms
36ms Script
text/javascript 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3ca8161dcad8f58f38fe385fa7d75b1451477f98458f7f6d7a9dcd2d3e3850be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jun 2022 15:25:12 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2691
Expires: 0

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
438 B 22ms
17ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 00:05:08 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 400805
ETag: "9d001-91-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 58ms
36ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 30 May 2022 08:04:37 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2359236
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Mon, 30 May 2022 08:19:38 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 139 KB
139 KB 67ms
21ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 05:59:31 GMT
Last-Modified: Fri, 20 May 2022 05:14:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 638742
ETag: "9ce34-22ca6-5df6a8f0bdcc0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142502
jake_test: Test_Pass

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 84ms
47ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 15:29:18 GMT
Last-Modified: Wed, 11 Sep 2019 08:42:36 GMT
Server: Apache/2.2.15 (CentOS)
Age: 690955
ETag: "9cd35-21653-5924300b6d700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 51ms
49ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 16:40:12 GMT
Last-Modified: Tue, 15 Feb 2022 08:13:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1982701
ETag: "15fce-5d80a1cfa6dc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass
Expires: Mon, 13 Jun 2022 06:26:27 GMT

GET
H/1.1 200
OK master_icon_set.png
c.123g.us/images/ 93 KB
93 KB 70ms
19ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 17:46:30 GMT
Last-Modified: Wed, 03 Jan 2018 10:30:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2065123
ETag: "17326-561dcb51f9ac0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95014
jake_test: Test_Pass
Expires: Sat, 18 Jun 2022 08:38:59 GMT

GET
H/1.1 200
OK ajax-loader_sm.gif
c.123g.us/images/ 2 KB
2 KB 60ms
16ms Image
image/gif 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/ajax-loader_sm.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ed1c2c6b7b77b966dd42dbec5cda78e14595383a75aa465912cbd75c0e2dc569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 14:10:12 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1646101
ETag: "739-54da7c7a66000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1849
jake_test: Test_Pass
Expires: Tue, 07 Jun 2022 14:25:12 GMT

GET
H/1.1 200
OK 121029_bg.gif
i.123g.us/c/eoct_sukkot/bg/ 49 B
407 B 405ms
337ms Image
image/gif 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/bg/121029_bg.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: fc633dffe1f314ee8d65257c7943c576e389f08cfaa4b1acdce3bef337e881bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:13 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Footprint Distributor V6.1.1162
Age: 0
ETag: "31-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:13 GMT

GET
H/1.1 200
OK 123g_master_icon_set_2.png
c.123g.us/images/ 60 KB
61 KB 59ms
21ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 07:10:37 GMT
Last-Modified: Tue, 15 Feb 2022 08:13:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1757676
ETag: "f1d2-5d80a1cfa6dc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61906
jake_test: Test_Pass
Expires: Sat, 11 Jun 2022 19:43:02 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a302c57fb4611abd23f16c342b2d3ba7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cf98874bd0b1a8d9a5d869e79ff72a74025bbfb399d908d8c6ce2f3298f2747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/
Origin: https://www.123greetings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: du4pTdB59lLwA3HeveWvQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87433
x-fb-rlafr: 0
x-fb-debug: bKuhv85FNlfM8pZQIXUqtF7zBA/e3Dum+GwDYfCeoymHwNYwrTQrPb22vQe5yRiJdHzlLUAE6u8czmbKkp989g==
x-fb-content-md5: b606b7d47a3cb9987fa04d916ef96064
x-frame-options: DENY
date: Sun, 26 Jun 2022 15:25:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4e7740d183aff614169d8555146961a2"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Jun 2023 15:00:50 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 149 KB
51 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c41da44013f0e258f2518910b3eec8479929f4b99c791fcc1fe6b644a088f9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 13:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52026
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 13:51:19 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206220101/ 336 KB
118 KB 64ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4056521106463804&plah=www.123greetings.com&bust=31068188

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f86b2c9d77f3aae409f0a66f2bc2f2cdcba6234f7f259542a0bc4acc69507ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120944
x-xss-protection: 0
server: cafe
etag: 15510966660240722036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/ Frame 6F96 10 KB
5 KB 39ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 22:18:56 GMT
etag: 10429905676100781186
expires: Sat, 09 Jul 2022 22:18:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 148ms
38ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?oz_pl=1&dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&_x=1
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.cccobh.com/2/2.62.0/ 160 KB
50 KB 41ms
41ms Script
text/javascript 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cccobh.com/2/2.62.0/main.js

Requested by

Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

88b108afe172ccaa440286f0786299af4b4801012a4b0dde7f58cfb5c03fcde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:12 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 51059
Expires: Wed, 04 Mar 2054 08:31:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
650 B 423ms
42ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4056521106463804

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4056521106463804&plah=www.123greetings.com&bust=31068188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d6e9c50238d011e9f8e8ab20d324428f5c03dc12061665b8bea3cfa699e8aee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E82B 22 KB
9 KB 194ms
167ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=90&slotname=1859592561&adk=3916771214&adf=3588316316&pi=t.ma~as.1859592561&w=728&lmt=1656257113&psa=0&format=728x90&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113330&bpp=4&bdt=550&idt=113&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MWNG7hAkno&p=https%3A//www.123greetings.com&dtd=127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d0b4ede9956b8fe3508e3d75d1ecfe66f2be8a76caa57ca023f2b9e25408ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D52 22 KB
9 KB 214ms
196ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=261372822&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113334&bpp=1&bdt=554&idt=128&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r0R0KT2SOq&p=https%3A//www.123greetings.com&dtd=131

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8db02e3c36ac7d660d7f77f3be68d425d783b820cdf267db6f8c16381f134f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9515
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E07F 22 KB
9 KB 240ms
226ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

078ceb82bf62496cd98ef21f68af01f24b929640f472124aba42f057df07731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9498
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40EC 22 KB
9 KB 228ms
227ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d85460ec8abea55f97e87ee5e01fbd930d53abf68707c0223a58e2c2f362985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9494
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2F9 436 B
236 B 208ms
208ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=2830808576&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=151&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=332&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8QPXyarfwh&p=https%3A//www.123greetings.com&dtd=155

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

235a345327b9f8550f7a722cda87248e784d4405870c541794b024b575be6e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4F9 436 B
237 B 205ms
204ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=2042738649&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=157&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=VA4rlXO6IW&p=https%3A//www.123greetings.com&dtd=164

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9f135f6c6578c61ecdae16d8ae575e781bdbbcd729cdda8bdecb76dc34f367b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 843C 436 B
237 B 210ms
209ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2993015615&adf=1019531656&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113336&bpp=1&bdt=556&idt=167&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=WMTxXSVheH&p=https%3A//www.123greetings.com&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed7edfa2d13fbf61f96ae8a4c6915a48862947e98b35e66110c697ee54b21a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 93ms
52ms Fetch
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a302c57fb4611abd23f16c342b2d3ba7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: MxAVfcaDVM1BMr/7eQ+EDMZH2M02GFVLR5wc5qVaUl35D3eLorqe4OTZD0K9e4jMq8AJvVQGHNjtWJ0oQT/HlA==
fb-s: unknown
date: Sun, 26 Jun 2022 15:25:13 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBBC 144 KB
41 KB 954ms
954ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1656257113&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113510&bpp=1&bdt=730&idt=1&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e426922be3659aee73d75cb94fce492bca0a56ba476535a5e49fc8231a54a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42231
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:14 GMT
expires: Sun, 26 Jun 2022 15:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 463ms
118ms Script
application/javascript 54.156.107.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.107.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-107-70.compute-1.amazonaws.com

Software

Apache /

Resource Hash

82920682aeaf8d829ab19da39627483be0167e5a091ac57dcac8b34d5628e5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jun 2022 15:25:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 732
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 401 KB
76 KB 16ms
15ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5d4f372a72550e9dbad3c14b8cdc20ede9feb676418c091b438ab276f300f70c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 08:12:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 08:09:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1062781
ETag: "2c029-64549-5e163eb1b4c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77405
jake_test: Test_Pass

GET
H/1.1 200
OK 121029_details.js Show response
x.123g.us/json/ 1 KB
1 KB 583ms
375ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/121029_details.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1624c39255bcec121ecc563695148c354432e070801a013c22235c87346621c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jun 2022 09:39:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 3
ETag: "519-5e1dde0cb5fc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 629
jake_test: Test_Pass
Expires: Sun, 26 Jun 2022 15:40:14 GMT

GET
H/1.1 200
OK 121029_pc.jpg
i.123g.us/c/eoct_sukkot/pc/ 57 KB
58 KB 61ms
29ms Image
image/jpeg 67.27.159.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/pc/121029_pc.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9eb084612d63c1939ce99b714f5c030e5ecfce81c05b8adc4d2b2e4ffa1c76e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 10:27:14 GMT
Last-Modified: Tue, 27 Jun 2017 21:23:34 GMT
Server: Apache/2.2.15 (CentOS)
Age: 881879
ETag: "e4c9-552f7ae0c6180"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58569
jake_test: Test_Pass
Expires: Thu, 16 Jun 2022 10:42:14 GMT

GET
H/1.1 200
OK play-button.png
c.123g.us/images/ 3 KB
3 KB 15ms
14ms Image
image/png 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/play-button.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 10 Jun 2022 07:11:08 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1412045
ETag: "afd-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2813
jake_test: Test_Pass
Expires: Sat, 18 Jun 2022 08:27:48 GMT

GET
H2 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 405E 50 KB
17 KB 362ms
362ms Document
text/html 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb0f43341fb64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a302c57fb4611abd23f16c342b2d3ba7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38ed72a15a801af999542026224f11fcd4546cba8fa834910747a33f25818690

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 26 Jun 2022 15:25:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v7.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: uL1x1yPm+0670ZNtUjChKRVr8dH6iOCmeB9wB3BMLOSDaAwfdfp3M861klkACS8tIGW9cJ1rdxkzl4d/TZlO5A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 15ms
15ms Script
application/javascript 2a02:26f0:ef:285::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.08414765646162503
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:285::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=270
accept-ranges: bytes
content-length: 18679
access-control-expose-headers: X-CDN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
71 KB 71ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abdd5d4b06aef3cae2f06af17353cb1adc72e3eadc118e1af0dfe1120e0a7d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72578
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 96 KB
0 507ms
340ms Media
video/mp4 8.241.9.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.9.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 26 Jun 2022 15:25:11 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 3
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-1561329/1561330
Connection: keep-alive
Content-Length: 1561330

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 112 KB
0 509ms
336ms Media
video/mp4 8.241.9.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.9.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 26 Jun 2022 15:25:11 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 3
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-1561329/1561330
Connection: keep-alive
Content-Length: 1561330

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 45ms
44ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?oz_pl=1&dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&_x=1
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/ag/945541/clear.js?dt=9455411647029059265000&pd=acc&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 73ms
44ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257113638&oz_l=161&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 203 B
529 B 20ms
20ms Script
text/javascript 67.27.158.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 07:16:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 07:15:13 GMT
Server: Apache/2.2.15 (CentOS)
Age: 979714
ETag: "cb-5e177483f0240"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121
jake_test: Test_Pass
Expires: Wed, 15 Jun 2022 07:31:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame E82B 3 KB
1 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=90&slotname=1859592561&adk=3916771214&adf=3588316316&pi=t.ma~as.1859592561&w=728&lmt=1656257113&psa=0&format=728x90&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113330&bpp=4&bdt=550&idt=113&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MWNG7hAkno&p=https%3A//www.123greetings.com&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:17:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E82B 137 KB
42 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame E82B 17 KB
8 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:22:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 73ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-47Q5QDHYDP&gtm=2oe6m0&_p=1232483633&_z=ccd.v9B&cid=1628213940.1656257113&ul=en-us&sr=1600x1200&_s=1&sid=1656257113&sct=1&seg=0&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dt=Blessings%20On%20Sukkot...%20Free%20Sukkot%20eCards%2C%20Greeting%20Cards%20%7C%20123%20Greetings&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2166
date: Sun, 26 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 26 Jun 2022 16:49:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E82B 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClYkiWXq4YryVH-bI3gOfzauAA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTMAU_QO9h_Prevsk1LmB5j2fPq-D-UlLda2aSkjQ3Rs23yohp33xnYtxPqdrz4u1_U_oftBFVdIS6hxWcFMQY2erHzDc3kosJmzj39mwWZ2HLSohZ2Wul9vYsAOeaVyYQDOf1QsVmgel05uJpc5Ln8JI8JV0OQEE5ybKTXedTHBZzyDa33BzDc9JJ4luM-suxqSOtWEtMxlBU69N_q-a4xqyzJASMMUax4jurjsToUBdI8c_7FkHLeaRwE5r_z4iM_oA2TyXoaQa_9Z4dPY4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDU2NTIxMTA2NDYzODA0GAA&sigh=AcIpvZYdjQE&uach_m=[UACH]&cid=CAQSGwCNIrLMVRpuolL8G6EVwgdkNadJkXigqIO1LRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=90&slotname=1859592561&adk=3916771214&adf=3588316316&pi=t.ma~as.1859592561&w=728&lmt=1656257113&psa=0&format=728x90&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113330&bpp=4&bdt=550&idt=113&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MWNG7hAkno&p=https%3A//www.123greetings.com&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame E82B 0
0 222ms
30ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EN6BMNgFWp2DYgICAAAAhMGaakKKRMwQWXq4Ymq3hVNeenE6fNkBABIAAA&wp=Yrh6WQAHyrwKd6RmAArmn9ZErCkWFI-1qG59hg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 160886
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EFCE 157 KB
51 KB 245ms
188ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAHyrwKd6RmAArmn9ZErCkWFI-1qG59hg&u=%7CpLIzbtIv72e1bcnx%2Fr2YVqhrm8prZjK5F26qNIPEzNI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFUdxoq62UkqgBBORBZFh7WQ05-CM5yfyaQUBLdsORw4ujR9VqQVAvSnIUXIOr6U7J_RN0hiRerC0uTGw-Veetn_Cb9kHX4B6VjxmAy-6YflCneIDdTxckNbkiOb4k4lBuMSxQFdi9Xi9NLXDKqRSmgXchPvw8Id0nn_IfdUH_XsjZ-UypdYw6V8H7dvH81WYTkYcSbTo0kkkpPHvmd2TaCKNl8XSsBzFxvK56ZS8W-fKRif6IH2WeyW2uWYoOAIMy9mio3IgcirSuteWODFE6VLjOS_fRAHDqGJi-ccq6saWow0FJNwLjFOSAn0j-1fpQhCYOh9vzenpKpElhr4UJ8xEkCaOfZFoyXPVkkF9YbW-n9n8VpBxOR8Yag-uKaSwjjkY_r9IWelxdR1HkS-KchA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBlukWXq4YryVH-bI3gOfzauAA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTPAU_QO9h_Prevsk1LmB5j2fPq-D-UlLda2aSkjQ3Rs23yohp33xnYtxPqdrz4u1_U_oftBFVdIS6hxWcFMQY2erHzDc3kosJmzj39mwWZ2HLSohZ2Wul9vYsAOeaVyYQDOf1QsVmgel05uJpc5Ln8JI8JV0OQEE5ybKTXedTHBZzyDa33BzDc9JJ4luM-suxqSOtWEtMxlBU69N_q-a4xqyzJASMMUaw6jMtxNrWIFm2gZ10VrdQmYAgOULXd-qGLaDA1O8UEbbd4zQNc3K2_WoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2WUBGXn9f6wqRLDoTISKHgal9aXg%26client%3Dca-pub-4056521106463804%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b085056e059cb0fbf72230f28ce3614d3a300b69205ce50f1c71bc844ac8fc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=blRNnyf0hSk9SF8YZJvlEPcr8z2owJ0UkbNT8RbarpQ1RF3PiuWiLtoA7vdezMk-pG3A8Oe3QiQCsLE5dPBg464aY-qsXZjxSA-0b2XcYg9omHzrYrQ0BAYksSoHly00B4jgoenQpyZZjJvbm-GutXWhgvUSNXMf3t2708Nj-AMUf0aTp4j0LT7hFlXg_NcfIghmq3OvnZh5Drf_20pBAJb87YmR8voFvSv_nGKUqXnclXIYM5DbrZyiqdPSLHBnyWmDWA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 110447137
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 5D52 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=261372822&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113334&bpp=1&bdt=554&idt=128&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r0R0KT2SOq&p=https%3A//www.123greetings.com&dtd=131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:17:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 5D52 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:22:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D52 137 KB
43 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D52 0
0 82ms
68ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVAsUWXq4YszuH5W0ZZmPt7gEyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBM0BT9AdIELZymCtxY2bAKijSoIkcBCoqVtyXRQS4E41u5iaSIzZ7kPwQBWTLYHoIjc5yPAr05_4Gj3EKZQkZwwj1tahIL8A8eFvEJbsBB4eZAvaWFAST128DD8q1Zl8KmSUsdkL1g8ogB9nz5yBye9ihVr4bLKqyJnarQIffeNkAlBPwSLWoxVJqOErtmz5QgV1SKrWWuPZLCdQe-FIE5h5JVGTSPvS5lmQJvvULhbeg6evaR_rnzhKrev16lf7VDpHIYYbdJBTcpQjz04PdoAGsJqfnOuR9LezAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA1NjUyMTEwNjQ2MzgwNBgA&sigh=JtTEL3c0g9s&uach_m=[UACH]&cid=CAQSGwCNIrLM2C0MNZT3Lqf90ICrXUxI5_xr9S1YyxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=261372822&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113334&bpp=1&bdt=554&idt=128&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r0R0KT2SOq&p=https%3A//www.123greetings.com&dtd=131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5D52 0
0 125ms
59ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVEN2BMKwC-gGdg2ICAgAAAITBmmpCikTMEFl6uGK7pQa4z3cm2IT53wASAAA&wp=Yrh6WQAH90wKGVoVAA3HmcZ7nu9pa0ZsDzzeWw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 341953
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7F51 156 KB
51 KB 110ms
100ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH90wKGVoVAA3HmcZ7nu9pa0ZsDzzeWw&u=%7CpLIzbtIv72cM9Uv3oyjBei8BqN8tZg1kxRB756yr2%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-YzC4iRQ51iBWo2BAKoeFmnUHt5qbAvGg7h-OBH1ad4dV1kLZ1pDC9DK0eYOjMk-5hk3Y90epoRuT7iyNAPGqv1g6X-5IwjgqvGKKuVVEcWk4mRc2ieIGAt3gQ3HYMT0ZaotK01BBZfykpgBelmDay0I1qIDvUwuFmB3tYR0RA_O10RsO42P4QMMwTvdCv9l1toTzcH7nOO5iwPVg700B20LDIHs7w270GATB2r5pQXgKjFRFLeudHWn2ecgtVvrR4KTjVnnHJTc9mO4BAu-vK0TaGHSKhUmTz3xbKvdNgddrBVnTyIlIcQbCwcfHJfqOpiQUT18OEZtPnzasyAunHx75toKyo6p-x1nXvImDLYEf_Vl3S4R_QXzbt-HUQOn9A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3M5IWXq4YszuH5W0ZZmPt7gEyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9AdIELZymCtxY2bAKijSoIkcBCoqVtyXRQS4E41u5iaSIzZ7kPwQBWTLYHoIjc5yPAr05_4Gj3EKZQkZwwj1tahIL8A8eFvEJbsBB4eZAvaWFAST128DD8q1Zl8KmSUsdkL1g8ogB9nz5yBye9ihVr4bLKqyJnarQIffeNkAlBPwSLWoxVJqOErtmz5QgV1SKrWWuPZLCdQe-FIE5h5JVGTSPvS5lnSJNpGqZlCkBgzfbw7op6ypP__XF3VTLjz6bu9hi9NXoymZcocyQd_VYAGsJqfnOuR9LezAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3J7WTV-O2_0WG2oOQfS2KznOtqow%26client%3Dca-pub-4056521106463804%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0748b1af17b42aacd5da0fc667455bdf50152fb028a5e82b5a594a930c79cbac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ohkC8yf0hSk9SF8YGXjodxObDgxNwYKpBY2cgkIEiz9DS2mpHd-ga0jBO5qbsz2fyy1kF7dbXjPSsGRDzHraMyANelFNE_0G2NsyMulDWFfcdw9__zaqQBceXYe6_YjD4uKOoo9PhX3HMOupvJQtVR24vP-ceALbB8PxjA2cG0UUbdxkS-96ewx8RmIT4WYcg_Ief2W36h99qAHvQ58GEAM0CdVcxQnenrfJjhhQwlgrxZfL7J0ADD4CoV6zWotAttET_g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74804570
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame E07F 3 KB
1 KB 63ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:21:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E07F 137 KB
42 KB 54ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame E07F 17 KB
7 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:22:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 40EC 3 KB
1 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:21:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40EC 137 KB
42 KB 63ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 40EC 17 KB
7 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:22:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E07F 0
0 71ms
64ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFyoWWXq4Yr3eH5rcZv6FlbAFyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBM0BT9CQqKCa3xOXmyOnMRP6SqCEDzKDAbtUvPALdd16Yk-UC-KxsVZdtYcYxpsqWeMRp-8gZZWtFtdWEIZo2WRTYgIediQbBI_J5LuO_0uw8NU7sWXcGSEFkysLgm2zSl31VTmP5G4-08qEcfQN8i5leCCKnMeCpzEEBUnfgRUyntBF1ywrBQ3Z65J_CmI_VLxfTZ6Ku8lSVDB3jL1pZUi-r3_9laRk0CWc2QIzzjRNGvnrvIZJaQKwsOmqP9ZoJVwoj01YaW1Vvesbya3IeYAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA1NjUyMTEwNjQ2MzgwNBgA&sigh=0sFWNEdaiZI&uach_m=[UACH]&cid=CAQSGwCNIrLM3-CU-H4FZUMwiyZyRnGsK0dUQ3eiOBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E07F 0
0 83ms
25ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EN2BMKwC-gGdg2ICAgAAAITBmmpCikTMEFh6uGKKTHhmQhNfxu4j8QASAAA&wp=Yrh6WQAH7z0KGa4aAAVC_gtFN2aPvKCpOb4K7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 318085
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DBC7 193 KB
56 KB 238ms
232ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH7z0KGa4aAAVC_gtFN2aPvKCpOb4K7Q&u=%7CpLIzbtIv72fjePshLxv15WIUQ9hdlof8NX5X1u0oKp8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbZ1qHheAZXdyvhzlQFyr2idlbJ_dqSDk4Fuh0jyOMZLaDUN0O5WjOFzTD7YkD5Kte5cMtftNFY-4W8xwATJAehU_C8y54lFj9X08NvgjjRX0UWVGK0gyNHCudv1yorMs2gkDTJolfr-mdr-cuew4NcD_cXbdPkY3gX1YCleSzxDgLFUyOMXcQlhqS-Q3rRojVKfFTh455CiBfvl9madKrrvreoXXxhd6kkoL-fD1rXqmKLoB_fZ3HnanxXQilEXfBByWgvhMHUz6-JRcAib7UNQ--Akkv7PxMkOAIR0ZsT6bWx52CP6cXOFWiTjanXCLS-eRZLqxUdpfvrtJpBk2LMoPm7CjY0A9xeW3guv6MZrpiDAviwcAHJjRFB93mRmwCjwhBAZteD-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFyiWXq4Yr3eH5rcZv6FlbAFyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9CQqKCa3xOXmyOnMRP6SqCEDzKDAbtUvPALdd16Yk-UC-KxsVZdtYcYxpsqWeMRp-8gZZWtFtdWEIZo2WRTYgIediQbBI_J5LuO_0uw8NU7sWXcGSEFkysLgm2zSl31VTmP5G4-08qEcfQN8i5leCCKnMeCpzEEBUnfgRUyntBF1ywrBQ3Z65J_CmI_VLxfTZ6Ku8lSVDB3jL1pZUi-r3_9laRk0CXe2yOhSbvRCUZ3qCWZVKRIuf2gidxGPd6cR3D-m9JLkfOeYynbxu6JTIAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EQSCjeANWVQJcy3U7B0M1OCkSTw%26client%3Dca-pub-4056521106463804%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=948790231&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=133&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=993&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PhKejKXhAt&p=https%3A//www.123greetings.com&dtd=136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c51a648e2ed8b5c8afb53e873fb084c2340cc1475609b8d488ccbe23fbf36965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vmj-1yf0hSk9SF8YB1Wuhnx83ACpm79MTp_SYEM20d12IXvFjioHqtaUP4g4rAV_MR8T8dYoZqXx9R_YHKVLfo4EwrxF1Wc7KVl-3p3475YAbrjnP5xGvRXf38ytsoQONCNAmZKPAE_SAvSZE8RZSoBLayePsWoj2QoBVOMy7FcG755p5JEcReZ6h4CdQNJuA54LbqXPMQcuBRhkP_n7DsjvFQc_mlwkoVRB6OkGuiRlvQAfPoNvo-cxXom5oLikL9aQEw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 128991793
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 40EC 0
0 66ms
63ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CELPjWXq4YrrwH7yYiQbVmLTwCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTTAU_QMxbS_27pME5mym6kvyNUVX0z7KOKi11Be2legvCPPi7nLux8jDxAUWksuubMEeMYtpyG2RWntuuXGQ0bWKf8HfikbjKyOCoWOl_4-BGmGAfWgH6QEbvQfY22KZ0h_7XHzYUDzGJS_lALfWa7ksTZwOzIUd-nCje0-CUBxkeaLb5-52_XaADay2Zv_1ImeMfT3Yl95KByLuM6ciz33-Q850--Ye-f7Nz0OP3UxFM6HvUf1wkfodzMJg9jyWMkaPoa5vlD1DfRDYmp9gucSdYDzoqABrCan5zrkfS3swGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNTY1MjExMDY0NjM4MDQYAA&sigh=RLka0vAkzLM&uach_m=[UACH]&cid=CAQSGwCNIrLMRY288M2et_Ay-A_UxD1EM-gmRCX4axgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 26 Jun 2022 15:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:13 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 40EC 0
0 79ms
24ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVEN2BMKwC-gGdg2ICAgAAAITBmmpCikTMEFl6uGK7xNx_-Tf5zykiBwASAAA&wp=Yrh6WQAH-DoKwkw8AA0MVRwnLD7YWNFk9g0qKQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 203702
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 18F0 161 KB
53 KB 140ms
138ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH-DoKwkw8AA0MVRwnLD7YWNFk9g0qKQ&u=%7CpLIzbtIv72feh9CmQ0bB4wsQsFVKDOu7Uj1cmOePKc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-bzgxjsQ17iZfKrBf6LGaZrEaittpFi5WlYfCtV7OOwCDTR0hIdK4y9oL4Dk026KWu79uzQKnCxrdQfKyg5ebUWWkx2k1Xtqeb6gKluNgfYYY8trcS-vVQ3e50TaKWWWoVJWI52KRi_8rcpDAl7LJmLotbDn7yjiZFg9H-yojYqKxhx6fIgLKKYEswtspM5odsd3VMCdmTH4O5bMGzmTJ_J8Pub6nUJ8A8qUgig9Wp275cRopo0s9eb7VORcUj4LprSURlcp6lk1jJdHhM8F-sLSSBuMZZ5PKytwpP81OdrWbhv5nCII3jsY7XoBZT9BVmhvGNNRp7vMgrsLzKNuSPwO4QbcbnrdwWPTe5lWUKZLx3UJblwrIBi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa0LYWXq4YrrwH7yYiQbVmLTwCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTWAU_QMxbS_27pME5mym6kvyNUVX0z7KOKi11Be2legvCPPi7nLux8jDxAUWksuubMEeMYtpyG2RWntuuXGQ0bWKf8HfikbjKyOCoWOl_4-BGmGAfWgH6QEbvQfY22KZ0h_7XHzYUDzGJS_lALfWa7ksTZwOzIUd-nCje0-CUBxkeaLb5-52_XaADay2Zv_1ImeMfT3Yl95KByLuM6ciz33-Q850--Ye-f7Nz0OP3UhlEbjHKQSxqgPchv9jLFMWowYkwQyOHBYP_sq3sW6CeEzHyH3TVWH76ABrCan5zrkfS3swGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a12cz7zRSrrtT5BzXFg3s6DLngg%26client%3Dca-pub-4056521106463804%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=250&slotname=1859592561&adk=2335642084&adf=3219737328&pi=t.ma~as.1859592561&w=300&lmt=1656257113&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113335&bpp=1&bdt=555&idt=144&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=3469184984513&frm=20&pv=1&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FIYZERVYzl&p=https%3A//www.123greetings.com&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1cef4986cd9ae115be788f37a61d5e61f5603b230339c33cad79e7914cf11a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3Wnvgif0hSk9SF8Yp_6JbmfD8ITwSWpVEjX7WkKLU55ydZ6e28lBMrYRr8hGkS80hynWE1o9edfHwOTNmGBhoHrq04jSUikbDUKWdor82LJx4BaNVFJ8dZXMbfnjT2i4pa1mJ41eqMThOf3CnqFytJnPdCCLDZpLfzMUVtOiUZYe0ux63EHveBK78kgKfDuqMXzlkJ5BW6g6dHxaJ7DEmJ_ZYsdyht2D9abQgwgIN-HPKEUALNDW4UR91CLUveGoObgneg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70178505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
BLOB 200
OK c2cdaa4d-d577-4b10-816d-01fe3297ba7b
https://www.123greetings.com/ Frame 7E60 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 5D52 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee759b9f669f3115afb49c4799ef9f7bf92741d5e04ef725511299f2608b7ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 47ms
47ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257113801&oz_l=4437&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated
/ Frame E82B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 900f4397ef051b9426b9394d95669de7036581a8d038954820cb0bf1b27ccb54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F51 2 KB
1 KB 134ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH90wKGVoVAA3HmcZ7nu9pa0ZsDzzeWw&u=%7CpLIzbtIv72cM9Uv3oyjBei8BqN8tZg1kxRB756yr2%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-YzC4iRQ51iBWo2BAKoeFmnUHt5qbAvGg7h-OBH1ad4dV1kLZ1pDC9DK0eYOjMk-5hk3Y90epoRuT7iyNAPGqv1g6X-5IwjgqvGKKuVVEcWk4mRc2ieIGAt3gQ3HYMT0ZaotK01BBZfykpgBelmDay0I1qIDvUwuFmB3tYR0RA_O10RsO42P4QMMwTvdCv9l1toTzcH7nOO5iwPVg700B20LDIHs7w270GATB2r5pQXgKjFRFLeudHWn2ecgtVvrR4KTjVnnHJTc9mO4BAu-vK0TaGHSKhUmTz3xbKvdNgddrBVnTyIlIcQbCwcfHJfqOpiQUT18OEZtPnzasyAunHx75toKyo6p-x1nXvImDLYEf_Vl3S4R_QXzbt-HUQOn9A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3M5IWXq4YszuH5W0ZZmPt7gEyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9AdIELZymCtxY2bAKijSoIkcBCoqVtyXRQS4E41u5iaSIzZ7kPwQBWTLYHoIjc5yPAr05_4Gj3EKZQkZwwj1tahIL8A8eFvEJbsBB4eZAvaWFAST128DD8q1Zl8KmSUsdkL1g8ogB9nz5yBye9ihVr4bLKqyJnarQIffeNkAlBPwSLWoxVJqOErtmz5QgV1SKrWWuPZLCdQe-FIE5h5JVGTSPvS5lnSJNpGqZlCkBgzfbw7op6ypP__XF3VTLjz6bu9hi9NXoymZcocyQd_VYAGsJqfnOuR9LezAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3J7WTV-O2_0WG2oOQfS2KznOtqow%26client%3Dca-pub-4056521106463804%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7F51 2 KB
1 KB 138ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7F51 308 B
636 B 125ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7F51 293 B
621 B 125ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 7F51 43 B
1 KB 188ms
39ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=62b87a58d1fc47a4cdb0dafc68bf3531

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 26 Jun 2022 03:25:14 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 26 Jun 2022 15:25:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7F51 43 B
348 B 128ms
39ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ilz1Xn4amjgfezBkzt34uZF6zzNpO-Hic70iQmGZWLB3HCHf0JGBZGtV6jYSfI9c9xuycpPXk4yjsj4otdhydaSYJ5wIgdH5RGOgyCwbBFslka0QTWkPYgtJlmASg3oKrEnq_ibRJiwBUCWkUMzAXH7Lsbv-Gs5qbSPCWfFe79LzD6BYNA7jnxK9efoeutW2SfAetr0i-UUt7wq-JDkHXXI1EW2qcDXcsy9uwKGJyidmN_2EUgn_wmgXtcyhe0tZcW44r6ugBsvgcpRt0ooOZ5o4C3jYZIQj3RX0KKPcVTLbwzG-b3yssyH3Mnt7uN0SPHKNhG4nqs3_Gml2v_7tWpqyRMsvIBP0tVWk4fs6tYV02TfWOhoX_JexnHvjASPVTjZS00LLFVdffGoaTGPRQq7l4YjCuta_RwynOrs0irdwY1KsWHofGehdi1uad-n2G6GZPw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:13 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2886484
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E07F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119bf0b12ec8cba7da8621afec72a8c0ba3b0ed2dadf089f6689a59ef308ca59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 40EC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8e9cf947ece5ab0c4ef7094c704ac9c90bee5fe3c1851898d50014f5be92424

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 18F0 2 KB
1 KB 136ms
63ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH-DoKwkw8AA0MVRwnLD7YWNFk9g0qKQ&u=%7CpLIzbtIv72feh9CmQ0bB4wsQsFVKDOu7Uj1cmOePKc4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbmsK-zXubt-bzgxjsQ17iZfKrBf6LGaZrEaittpFi5WlYfCtV7OOwCDTR0hIdK4y9oL4Dk026KWu79uzQKnCxrdQfKyg5ebUWWkx2k1Xtqeb6gKluNgfYYY8trcS-vVQ3e50TaKWWWoVJWI52KRi_8rcpDAl7LJmLotbDn7yjiZFg9H-yojYqKxhx6fIgLKKYEswtspM5odsd3VMCdmTH4O5bMGzmTJ_J8Pub6nUJ8A8qUgig9Wp275cRopo0s9eb7VORcUj4LprSURlcp6lk1jJdHhM8F-sLSSBuMZZ5PKytwpP81OdrWbhv5nCII3jsY7XoBZT9BVmhvGNNRp7vMgrsLzKNuSPwO4QbcbnrdwWPTe5lWUKZLx3UJblwrIBi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa0LYWXq4YrrwH7yYiQbVmLTwCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTWAU_QMxbS_27pME5mym6kvyNUVX0z7KOKi11Be2legvCPPi7nLux8jDxAUWksuubMEeMYtpyG2RWntuuXGQ0bWKf8HfikbjKyOCoWOl_4-BGmGAfWgH6QEbvQfY22KZ0h_7XHzYUDzGJS_lALfWa7ksTZwOzIUd-nCje0-CUBxkeaLb5-52_XaADay2Zv_1ImeMfT3Yl95KByLuM6ciz33-Q850--Ye-f7Nz0OP3UhlEbjHKQSxqgPchv9jLFMWowYkwQyOHBYP_sq3sW6CeEzHyH3TVWH76ABrCan5zrkfS3swGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0a12cz7zRSrrtT5BzXFg3s6DLngg%26client%3Dca-pub-4056521106463804%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 18F0 2 KB
1 KB 107ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 18F0 308 B
636 B 74ms
62ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 18F0 293 B
621 B 75ms
63ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 18F0 43 B
1 KB 148ms
42ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=62b87a59fd12e24a9fb78f5414a36c78

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 26 Jun 2022 03:25:14 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 26 Jun 2022 15:25:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 18F0 43 B
347 B 48ms
39ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=z_z3aX4amjgfezBkzt34uZF6zzP0-JeMiaTnLnRn4-pAzEtUMjUR2fxpZeh22a-mFjMEhD1M0vgOfiVlsz6M7dLYURBlAuDKSPyW5l854Kdp89WgLYMT8llLCYU8QRBlGT4Bfy3usJUE5e9mcpERCVuFSS5VrW43oP8tUsGHG-B7xB8hxP-fnQuvxKtAyNb8XctsRrAJZZYWy0XQG8tFX73EOc9Et8dryZB06qPMSLP_w2AYGp4yj_l_uiHOOVntdhGi5nSxcrWEilEx6OFU8uJOZPR2NabFA-fKH9CEbDe_lFkl2c4iVThiWswhrGoMlChQAxE7_ZjYrlv6IwJZ6Jbsv7fbrD8NWhdlYdaTYPaoNIBNoiODy5dGEF2_dzjDVzcmgecEbROZeqX5DKTbZdyq8GP2-C04C5M8g52kTuX-jC5jgYE9FoJFySVjIP5iUKE9iA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:13 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3158705
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7F51 12 KB
5 KB 105ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1543436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iScym48PQ56pYq3TXYkkF4laEcp%2F2K6nZR9Zr58XCikNjfjL0eKTebhuC%2FrOsj5%2BeQh%2B0D1EmN%2BNY1Uw%2FfYv%2F3BzOmsSUH0Iv81J19CadJcyCoaMFMGHXclCkpTYFNT9vI8bO34g%2F0MrbDoerD1btDyQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7216f452affccc4e-ZRH
expires: Fri, 16 Jun 2023 15:25:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7F51 12 KB
6 KB 85ms
36ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 12 KB
12 KB 135ms
60ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=X3keLVAKCRfXrDTIxFIhqDM_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30889372
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12330
expires: Mon, 19 Jun 2023 03:48:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 6 KB
6 KB 169ms
94ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F1%2F100108605118501_0_1642686208102.jpg&v=3&w=400&s=yZRx4bdXhx9XBhB5R3hPVRZH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5390fbf5ea2e6a10242e2ec3106e60dcee03accdb4f43075332ff082dc383064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7085937
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6102
expires: Fri, 16 Sep 2022 15:44:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 4 KB
4 KB 104ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F2%2F100126289317000_0_1645155099340.jpg&v=3&w=400&s=RNXXqZU623eLYu4XF7QEo7aK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b47a82a711d1f38a445a42752dcd9f0d5316849ca7ca98795cf9ff9fcb84174e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5267631
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4078
expires: Fri, 26 Aug 2022 14:39:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 22 KB
22 KB 138ms
64ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100137372416000_0_1652818072405.jpg&v=3&w=400&s=bvAxchThCLKlu4pXNjHHYRco&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

89fd4d03b990091c7350a2843f25d813fc720e7cc9f5501f1ca9be27813c3db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7274255
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22718
expires: Sun, 18 Sep 2022 20:02:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 13 KB
13 KB 143ms
69ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F1315%2F467173-62964bda92188.jpg&v=3&w=400&s=igZOpY1TMC__7Ep5m61d08df&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c4023f688e0dcb87b8b8c2b03e452f4dd8b06b52aef71fcf54f31d2749eb3f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=61329
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13472
expires: Mon, 27 Jun 2022 08:27:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 4 KB
4 KB 219ms
145ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F21%2F8%2F100121861913000_0_1629346954142.jpg&v=3&w=400&s=YQgfs_DFXKtafly0W50JmlO5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5e6185bfcb30b603f7bbe3ca33712c86cca8a1a03864926ddd054d1fe5ff8319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6107636
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4246
expires: Mon, 05 Sep 2022 07:59:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 2 KB
2 KB 126ms
126ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F3%2F100125676211000_0_1648627092904.jpg&v=3&w=400&s=1H7gOJfZyb1A6gXOMTGRRx3O&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1ec0924d33feeea1101de8d1f6400bf1dbdfe44d530b28ed0d091f4f6eb541a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5675149
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1656
expires: Wed, 31 Aug 2022 07:51:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F51 0
127 B 94ms
30ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ohkC8yf0hSk9SF8YGXjodxObDgxNwYKpBY2cgkIEiz9DS2mpHd-ga0jBO5qbsz2fyy1kF7dbXjPSsGRDzHraMyANelFNE_0G2NsyMulDWFfcdw9__zaqQBceXYe6_YjD4uKOoo9PhX3HMOupvJQtVR24vP-ceALbB8PxjA2cG0UUbdxkS-96ewx8RmIT4WYcg_Ief2W36h99qAHvQ58GEAM0CdVcxQnenrfJjhhQwlgrxZfL7J0ADD4CoV6zWotAttET_g&sds=2&rev=81817&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F51 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7F51 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 80ms
29ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1232483633&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ul=en-us&de=UTF-8&dt=Blessings%20On%20Sukkot...%20Free%20Sukkot%20eCards%2C%20Greeting%20Cards%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=869759963&gjid=45050088&cid=1628213940.1656257113&tid=UA-5085183-1&_gid=1320247254.1656257114&_r=1&gtm=2ou6m0&z=1149039626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 405E 400 B
839 B 71ms
21ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb0f43341fb64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: VZ7SClkKCKKheTRrbra11rOBO7xAflP3RnfvO0+rADJ5pTAam5EkxQFUDjvPtkOpO9hjBMGpZQT24G1aFEbzCw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 25 Jun 2023 00:08:42 GMT

GET
H2 200 ShqmlXIi6L_.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/ Frame 405E 531 KB
139 KB 113ms
39ms XHR
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yI/l/en_US/ShqmlXIi6L_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73c2fc7ba9bbd1be9687da8206f9ac6add76df7dcf813ee3a3becfc999c25925

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZgEJN4e9cIDZmlZoAfpU7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 141405
x-fb-rlafr: 0
x-fb-debug: lAcVoN7Oxe0Hja47l1WKSpGH1Iy3OAwRh4tL83nv1PO8xF19atP5HwNHueXn1EFYs8aoJE9C1WYPOHj4N7idFA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 20:24:01 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EFCE 2 KB
1 KB 48ms
48ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAHyrwKd6RmAArmn9ZErCkWFI-1qG59hg&u=%7CpLIzbtIv72e1bcnx%2Fr2YVqhrm8prZjK5F26qNIPEzNI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFUdxoq62UkqgBBORBZFh7WQ05-CM5yfyaQUBLdsORw4ujR9VqQVAvSnIUXIOr6U7J_RN0hiRerC0uTGw-Veetn_Cb9kHX4B6VjxmAy-6YflCneIDdTxckNbkiOb4k4lBuMSxQFdi9Xi9NLXDKqRSmgXchPvw8Id0nn_IfdUH_XsjZ-UypdYw6V8H7dvH81WYTkYcSbTo0kkkpPHvmd2TaCKNl8XSsBzFxvK56ZS8W-fKRif6IH2WeyW2uWYoOAIMy9mio3IgcirSuteWODFE6VLjOS_fRAHDqGJi-ccq6saWow0FJNwLjFOSAn0j-1fpQhCYOh9vzenpKpElhr4UJ8xEkCaOfZFoyXPVkkF9YbW-n9n8VpBxOR8Yag-uKaSwjjkY_r9IWelxdR1HkS-KchA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBlukWXq4YryVH-bI3gOfzauAA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTPAU_QO9h_Prevsk1LmB5j2fPq-D-UlLda2aSkjQ3Rs23yohp33xnYtxPqdrz4u1_U_oftBFVdIS6hxWcFMQY2erHzDc3kosJmzj39mwWZ2HLSohZ2Wul9vYsAOeaVyYQDOf1QsVmgel05uJpc5Ln8JI8JV0OQEE5ybKTXedTHBZzyDa33BzDc9JJ4luM-suxqSOtWEtMxlBU69N_q-a4xqyzJASMMUaw6jMtxNrWIFm2gZ10VrdQmYAgOULXd-qGLaDA1O8UEbbd4zQNc3K2_WoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2WUBGXn9f6wqRLDoTISKHgal9aXg%26client%3Dca-pub-4056521106463804%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EFCE 2 KB
1 KB 48ms
48ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EFCE 308 B
636 B 54ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EFCE 293 B
621 B 53ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame EFCE 0
689 B 215ms
117ms Image
text/plain 2600:9000:2156:c600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1656257113
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAHyrwKd6RmAArmn9ZErCkWFI-1qG59hg&u=%7CpLIzbtIv72e1bcnx%2Fr2YVqhrm8prZjK5F26qNIPEzNI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMFUdxoq62UkqgBBORBZFh7WQ05-CM5yfyaQUBLdsORw4ujR9VqQVAvSnIUXIOr6U7J_RN0hiRerC0uTGw-Veetn_Cb9kHX4B6VjxmAy-6YflCneIDdTxckNbkiOb4k4lBuMSxQFdi9Xi9NLXDKqRSmgXchPvw8Id0nn_IfdUH_XsjZ-UypdYw6V8H7dvH81WYTkYcSbTo0kkkpPHvmd2TaCKNl8XSsBzFxvK56ZS8W-fKRif6IH2WeyW2uWYoOAIMy9mio3IgcirSuteWODFE6VLjOS_fRAHDqGJi-ccq6saWow0FJNwLjFOSAn0j-1fpQhCYOh9vzenpKpElhr4UJ8xEkCaOfZFoyXPVkkF9YbW-n9n8VpBxOR8Yag-uKaSwjjkY_r9IWelxdR1HkS-KchA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBlukWXq4YryVH-bI3gOfzauAA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDA1NjUyMTEwNjQ2MzgwNKAB1bbS6gPIAQmpAihWtyyqtbE-qAMBqgTPAU_QO9h_Prevsk1LmB5j2fPq-D-UlLda2aSkjQ3Rs23yohp33xnYtxPqdrz4u1_U_oftBFVdIS6hxWcFMQY2erHzDc3kosJmzj39mwWZ2HLSohZ2Wul9vYsAOeaVyYQDOf1QsVmgel05uJpc5Ln8JI8JV0OQEE5ybKTXedTHBZzyDa33BzDc9JJ4luM-suxqSOtWEtMxlBU69N_q-a4xqyzJASMMUaw6jMtxNrWIFm2gZ10VrdQmYAgOULXd-qGLaDA1O8UEbbd4zQNc3K2_WoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2WUBGXn9f6wqRLDoTISKHgal9aXg%26client%3Dca-pub-4056521106463804%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:14 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: Kd2iiCc0v1FWZzTf8hsLmoUJ9jr9qf4C4pPJxK_rzxx7j64lUtujgw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame EFCE 43 B
347 B 32ms
31ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eJEW8PdilEUGzUYjtvasR3GqREf6cgkbdI4JZYgCWcK7dihmoubBhkclL0fCyn4JYe5Epz47_V4icQqtf9Ss34QFrdkcJbKpCFZzl15fJN8Ind0a9UWOq_Gu5AtIxtt-_bORTn_ljqNwfbRzWIKb5TPVAUjvNoQp0ckmiO03G5kbXd5By8e14ibz4xvlugTDkRGjaxi9kCylQXVo9Ukss4qaktrbxz75V4vKopiXgJRMpytvYU_bhk97SmkOzcQCZbT70BKeS26Y7FWMS8v1p9km3SIF1GfjDadq1cfNk2dTfIYeBesdMifXGEeqr3UQ7vlU7_SzikHqlpfmgTPevOsDXV3NoJwnX8JSZrAR_qGleEmKkWV8ElqpMN2q0H9jjfVpiuPvmxTWczlGXyaKHEMNJPmmFSk2-CPiafByN8CafJygHP8STz2e_y_33Ddh0HPaeQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:13 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1933963
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 18F0 12 KB
5 KB 43ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1543436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QKqcg0ToWS8%2FkISDRy9%2FgeeYmsgbETF7w8a3ymMOaT2s3SQPMMxyT1ZjeFqo2tsSyHLvaTraiqltV6TYQ6P%2BmMWDmiCmpZkKEWxYv0m8QFxYaF4MfQpODhbnEM2lbBrgePvVA%2F8VMQUGtEQ665rebTj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7216f452d828cc4e-ZRH
expires: Fri, 16 Jun 2023 15:25:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 18F0 12 KB
6 KB 32ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 12 KB
12 KB 89ms
88ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30889372
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12330
expires: Mon, 19 Jun 2023 03:48:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 6 KB
6 KB 94ms
94ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5390fbf5ea2e6a10242e2ec3106e60dcee03accdb4f43075332ff082dc383064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7085937
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6102
expires: Fri, 16 Sep 2022 15:44:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 4 KB
4 KB 124ms
124ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F21%2F8%2F100121861913000_0_1629346954142.jpg&v=3&w=400&s=YQgfs_DFXKtafly0W50JmlO5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5e6185bfcb30b603f7bbe3ca33712c86cca8a1a03864926ddd054d1fe5ff8319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6107636
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4246
expires: Mon, 05 Sep 2022 07:59:10 GMT

GET
H2 200 4e33226780084f1c9ecf45822ecd2b60_cpn_300x250_1.jpg
static.criteo.net/design/dt/8721/220623/ Frame 18F0 15 KB
15 KB 54ms
44ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/220623/4e33226780084f1c9ecf45822ecd2b60_cpn_300x250_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8701c2e51a49f52a6bd437628efda4b9907c2f083e16b5b74111c2c71a46c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 23 Jun 2022 14:29:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62b478b3-3ba0"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15264
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 3bbd022321404ec8a107504909d03f42_cpn_300x250_2.jpg
static.criteo.net/design/dt/8721/220623/ Frame 18F0 13 KB
14 KB 50ms
40ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/8721/220623/3bbd022321404ec8a107504909d03f42_cpn_300x250_2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

83024998e688b5b7d63451f125ff5aeba24ff875e10cc10201154ebeb3eaaf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 23 Jun 2022 14:29:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62b478b3-35dc"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13788
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 13 KB
13 KB 101ms
91ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F4%2F100129614117000_0_1650956505868.jpg&v=3&w=400&s=5oyzbX-g7Fllu4rbVBP47IYw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c6c245138c94fa87e7b359e9e8c83f1a64dc1dca3339144325b75c50406b9b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5870771
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13488
expires: Fri, 02 Sep 2022 14:11:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 26 KB
26 KB 111ms
101ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100129613518000_0_1651514673958.jpg&v=3&w=400&s=CreEvbAC-CEVeJbEYTUJCcWu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5ac537d1d5d7371993121db7bef442036f65a71330b814110f2941ec8cffd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6398368
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 26632
expires: Thu, 08 Sep 2022 16:44:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 13 KB
13 KB 101ms
91ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F20%2F11%2F100109144913000_0_1604605871729.jpg&v=3&w=400&s=zENPoUlWNWI--GWHM63aBJVz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

491c13c9641a1d487a15f9bcd9472582978f15ac1404a0fff0ca93b8246b09eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5843860
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13436
expires: Fri, 02 Sep 2022 06:42:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 7 KB
7 KB 111ms
102ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100128717817000_0_1652678653787.jpg&v=3&w=400&s=snn4Jku_2JCHbTn9wf3L2JtD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

02a93cd280c4d3b3ff1943c0391713c691f52267163406fa9ec1900c1d2cab10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6874904
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6726
expires: Wed, 14 Sep 2022 05:06:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 18F0 0
128 B 72ms
29ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3Wnvgif0hSk9SF8Yp_6JbmfD8ITwSWpVEjX7WkKLU55ydZ6e28lBMrYRr8hGkS80hynWE1o9edfHwOTNmGBhoHrq04jSUikbDUKWdor82LJx4BaNVFJ8dZXMbfnjT2i4pa1mJ41eqMThOf3CnqFytJnPdCCLDZpLfzMUVtOiUZYe0ux63EHveBK78kgKfDuqMXzlkJ5BW6g6dHxaJ7DEmJ_ZYsdyht2D9abQgwgIN-HPKEUALNDW4UR91CLUveGoObgneg&sds=2&rev=81817&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 18F0 2 KB
1 KB 63ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 18F0 2 KB
1 KB 45ms
43ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DBC7 2 KB
1 KB 43ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yrh6WQAH7z0KGa4aAAVC_gtFN2aPvKCpOb4K7Q&u=%7CpLIzbtIv72fjePshLxv15WIUQ9hdlof8NX5X1u0oKp8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYzWdEJysRFbZ1qHheAZXdyvhzlQFyr2idlbJ_dqSDk4Fuh0jyOMZLaDUN0O5WjOFzTD7YkD5Kte5cMtftNFY-4W8xwATJAehU_C8y54lFj9X08NvgjjRX0UWVGK0gyNHCudv1yorMs2gkDTJolfr-mdr-cuew4NcD_cXbdPkY3gX1YCleSzxDgLFUyOMXcQlhqS-Q3rRojVKfFTh455CiBfvl9madKrrvreoXXxhd6kkoL-fD1rXqmKLoB_fZ3HnanxXQilEXfBByWgvhMHUz6-JRcAib7UNQ--Akkv7PxMkOAIR0ZsT6bWx52CP6cXOFWiTjanXCLS-eRZLqxUdpfvrtJpBk2LMoPm7CjY0A9xeW3guv6MZrpiDAviwcAHJjRFB93mRmwCjwhBAZteD-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFyiWXq4Yr3eH5rcZv6FlbAFyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MDU2NTIxMTA2NDYzODA0oAHVttLqA8gBCakCKFa3LKq1sT6oAwGqBNABT9CQqKCa3xOXmyOnMRP6SqCEDzKDAbtUvPALdd16Yk-UC-KxsVZdtYcYxpsqWeMRp-8gZZWtFtdWEIZo2WRTYgIediQbBI_J5LuO_0uw8NU7sWXcGSEFkysLgm2zSl31VTmP5G4-08qEcfQN8i5leCCKnMeCpzEEBUnfgRUyntBF1ywrBQ3Z65J_CmI_VLxfTZ6Ku8lSVDB3jL1pZUi-r3_9laRk0CXe2yOhSbvRCUZ3qCWZVKRIuf2gidxGPd6cR3D-m9JLkfOeYynbxu6JTIAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EQSCjeANWVQJcy3U7B0M1OCkSTw%26client%3Dca-pub-4056521106463804%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DBC7 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DBC7 308 B
636 B 36ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DBC7 293 B
621 B 35ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame DBC7 43 B
347 B 36ms
35ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ujFBVr_jr2DiokA7CNSPaws6vgMi0Cefdn9Pru7MLbizAEAImTTD35HxF9BPvnXnZ6YA-dm2jgs9Z10rSwzBQa_27ZhaS41D3S2PfjsV_XAJjQMC_Eiv5mZck9XrxIRCMvoTpxtQLLBiJgfyZ15bMqGF741pGekam_V-xipaKe271bnKxRMzRMw1SIoRT71REv9lHkI_ejwGFb1D2mS1VwFxU11BlA2zTCFwz72RBbpDZF4YU13MFU4yJ6S0Xg0vqZGlP3nc2D8kYyPTSHjqErk8zJdLv31SKb5kKoX-PLlph3EH6FhRwGerSgI9sx-2goVmYNBuqn-3lL_OWYKowI3v2LTKGZGtJzx7Y2gzpPyZ3WUldm96NXJ03bPhESqgoEWBTj-nxWRTSUZOjS3z0zIuPTlYY7m-ed6vD9eY6AjbZUqPfr0hck59XQLC3EaDAEW-2Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:13 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2993779
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=146.70.117.70&cuidchk=1

42 B
780 B

711ms
711ms

Image
image/gif

54.156.107.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=146.70.117.70&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Server

54.156.107.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-107-70.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jun 2022 15:25:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sun, 26 Jun 2022 15:25:14 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2725735746.9749823&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=146.70.117.70&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 145ms
48ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=1628213940.1656257113&jid=869759963&gjid=45050088&_gid=1320247254.1656257114&_u=YADAAUAAAAAAAC~&z=1700235176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Jun 2022 15:25:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EFCE 12 KB
6 KB 31ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EFCE 7 KB
7 KB 30ms
30ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31067802
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Wed, 21 Jun 2023 05:21:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EFCE 0
127 B 27ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=blRNnyf0hSk9SF8YZJvlEPcr8z2owJ0UkbNT8RbarpQ1RF3PiuWiLtoA7vdezMk-pG3A8Oe3QiQCsLE5dPBg464aY-qsXZjxSA-0b2XcYg9omHzrYrQ0BAYksSoHly00B4jgoenQpyZZjJvbm-GutXWhgvUSNXMf3t2708Nj-AMUf0aTp4j0LT7hFlXg_NcfIghmq3OvnZh5Drf_20pBAJb87YmR8voFvSv_nGKUqXnclXIYM5DbrZyiqdPSLHBnyWmDWA&sds=2&rev=81817&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EFCE 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EFCE 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7F51 4 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 14:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Jun 2022 15:25:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jun 2022 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7F51 12 KB
12 KB 29ms
29ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30889372
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12330
expires: Mon, 19 Jun 2023 03:48:06 GMT

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 44ms
44ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114136&oz_l=618&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 css
fonts.googleapis.com/ Frame 18F0 4 KB
724 B 77ms
32ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 15:00:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Jun 2022 15:25:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jun 2022 15:25:14 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DBC7 12 KB
5 KB 58ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3870004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VcQ5pEDtXfA%2BgxZL0s2lPxZCjIhOKksqDUtsXgs1Hv31SemWKdnZ6kQgSAtD9F5sQY33r7OQ%2FLmYwPGR37FGXPorMmUCeOZEkSk1ZML626Lg2K%2F%2BRYNii0gdQGW8BEqmMGyggUeZm23JFOWg0gR7xQG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7216f453e9245c68-FRA
expires: Fri, 16 Jun 2023 15:25:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DBC7 12 KB
6 KB 30ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame DBC7 45 KB
45 KB 91ms
30ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b498"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame DBC7 45 KB
46 KB 116ms
56ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 14f5e52ec2764c239c4e666a109840bf_cpn_300x250_1.jpg
static.criteo.net/design/dt/3018/220621/ Frame DBC7 12 KB
13 KB 31ms
28ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/220621/14f5e52ec2764c239c4e666a109840bf_cpn_300x250_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

44b26297e1b96063514f448cd1b2f1601a62e6a422706a3a02d5184f87444073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Tue, 21 Jun 2022 10:04:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62b197ca-31c2"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 12738
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 10 KB
10 KB 33ms
27ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F3ce55be1f6cf4bc2a7341619c2d02a92_stardardsin.png&v=3&w=596&s=CyPdRx06uAlYAiO3bD-fyyap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d45097277e5fe304c8a44d8ac42434b4adcd201287ae9f42e63dbedda9f41876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30895166
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9930
expires: Mon, 19 Jun 2023 05:24:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 24 KB
25 KB 35ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21077128-7iEGxk8k.jpg&v=3&w=400&s=CIYyERdxNcd2KzttVKDZODCa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ca2f439044475623cccbd633eb80ef57b76d64b29f0eafc7a2ee92848c89d391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=467112
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24892
expires: Sat, 02 Jul 2022 01:10:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 22 KB
22 KB 40ms
35ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21226121-xHKy8b29.jpg&v=3&w=400&s=XAEGuuDb_6hYM0UZiAKKxLvs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

08eda977614755a59299ac72e3cb17b347d8795cd598b90598ccce4d3c60c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=15018
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22272
expires: Sun, 26 Jun 2022 19:35:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 9 KB
9 KB 43ms
38ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1599469073%2F20211853-5uibDOlB.jpg&v=3&w=400&s=-crd-GqEr7_Ewoaj6IRf1efq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

51706a930c7bfbdd3d479e02712fb47aa2f0f7748054468cc162ffdf5dc45709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=111376
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9128
expires: Mon, 27 Jun 2022 22:21:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 10 KB
10 KB 45ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21134197-k1P1jwVX.jpg&v=3&w=400&s=60OHWTQ0IRwzWqxqp00EP1h-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f6f55967165df6b0cfa08ab07c1893b1a6d0b5983e702c58fc9f9652dfc44f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=323531
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9750
expires: Thu, 30 Jun 2022 09:17:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 14 KB
14 KB 45ms
40ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17004266-IRQjjLHi.jpg&v=3&w=400&s=UQlNRLCPkvCgzBiNSMtjAMIF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

db563b3d40c4db0ed1cb2755410c913feb3c112f67cf774596edc56c91da1e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=531437
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14110
expires: Sat, 02 Jul 2022 19:02:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DBC7 14 KB
14 KB 46ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19164576-gHBsMx9X.jpg&v=3&w=400&s=9itr6Gs_Z2EOATGGkpkNXIBe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

773b64d02740fc44477cf3d53769a9e47915096b99a37a95ec7029d135e6f8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=233083
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14202
expires: Wed, 29 Jun 2022 08:09:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DBC7 0
127 B 31ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=vmj-1yf0hSk9SF8YB1Wuhnx83ACpm79MTp_SYEM20d12IXvFjioHqtaUP4g4rAV_MR8T8dYoZqXx9R_YHKVLfo4EwrxF1Wc7KVl-3p3475YAbrjnP5xGvRXf38ytsoQONCNAmZKPAE_SAvSZE8RZSoBLayePsWoj2QoBVOMy7FcG755p5JEcReZ6h4CdQNJuA54LbqXPMQcuBRhkP_n7DsjvFQc_mlwkoVRB6OkGuiRlvQAfPoNvo-cxXom5oLikL9aQEw&sds=2&rev=81817&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DBC7 2 KB
1 KB 34ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DBC7 2 KB
1 KB 37ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 15:25:14 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 405E 67 B
103 B 79ms
49ms Image
image/png 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1656257114016&t_start=1656257114017&t_domcontent=1656257114109&t_layout=1656257114232&t_onload=1656257114232&t_paint=1656257114232&t_creport=1656257114232&t_tti=1656257114109&lid=7113570134219635428-0

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb0f43341fb64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: g6prlAlePCoVuKcxXh85ppBAMmbfW/iAqb8od6Zb9e/dYumWY6iOkpAvO9vCj2aFJw8URkbTendh+REPgtpVPQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Jun 2022 15:25:14 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 18F0 12 KB
12 KB 45ms
44ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:13 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30889372
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12330
expires: Mon, 19 Jun 2023 03:48:06 GMT

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 21 KB
21 KB 23ms
23ms Media
video/mp4 8.241.9.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.9.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash: fa86037fc6bd9fa7a3c9b118bc6ffb7a63c0d70b163bb81531db1766a152621e

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=1540096-

Response headers

Date: Sun, 26 Jun 2022 15:25:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 2
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 1540096-1561329/1561330
Connection: keep-alive
Content-Length: 21234

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7F51 13 KB
13 KB 112ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:23:45 GMT
x-content-type-options: nosniff
age: 331289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:23:45 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7F51 13 KB
13 KB 133ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 331214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:25:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 18F0 13 KB
13 KB 105ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:23:45 GMT
x-content-type-options: nosniff
age: 331289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:23:45 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 18F0 13 KB
13 KB 129ms
55ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 331214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:25:00 GMT

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 68 KB
0 24ms
24ms Media
video/mp4 8.241.9.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.9.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=65536-

Response headers

Date: Sun, 26 Jun 2022 15:25:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 2
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 65536-1561329/1561330
Connection: keep-alive
Content-Length: 1495794

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 50ms
50ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114297&oz_l=6688&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 41ms
41ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114449&oz_l=238&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206220101/ 149 KB
53 KB 236ms
236ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206220101/reactive_library_fy2019.js?bust=31068188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea523b7dbe12fbc91b8202548d8d4b96aa90af9040df7f8623dfe009548fd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54414
x-xss-protection: 0
server: cafe
etag: 86721877650001038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Jun 2022 15:25:14 GMT

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 48ms
48ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114631&oz_l=328&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 /
log.pinterest.com/ 0
333 B 199ms
127ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=BU9m__wYSgR6&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&viaSrc=canonical
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 3
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4045-HHN
pragma: no-cache
server: envoy
x-timer: S1656257115.737563,VS0,VE93
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 2754610318830320
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK df6fc1c6-7c14-4571-bc14-3a48f28d777a
https://www.123greetings.com/ 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/df6fc1c6-7c14-4571-bc14-3a48f28d777a
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27d38b2bf6e2587c97b6f90924caaf92458968e2a33d8c529a1ffa2ffba8544a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 795

GET
H/1.1 200
OK 121029.js Show response
s3.amazonaws.com/123g_fb_comments/ 27 B
413 B 490ms
126ms Script
text/javascript 52.216.16.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/123g_fb_comments/121029.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 66b930c528fcf1201ec716daf6685d909bc2497d9acfb2cf2182563de1c0a169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:16 GMT
Last-Modified: Wed, 18 Sep 2013 05:48:34 GMT
Server: AmazonS3
x-amz-request-id: W6D07CD9M5JKHDYP
ETag: "4605924ffef2bb0cdbd64bdbde1e2760"
x-amz-meta-colour: pink
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 27
x-amz-id-2: bboGIhDnwrNfs58b5uUCPijWpzKDa4liIYeeDP12reF+VB1AD3ujKXsqu4rvJdflHxT28Cw5EqQ=

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 83ms
34ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 141ms
54ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/ Frame 9DA2 10 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 00:14:28 GMT
etag: 10429905676100781186
expires: Sun, 10 Jul 2022 00:14:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 50ms
50ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114783&oz_l=5844&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 css2
fonts.googleapis.com/ Frame 9DA2 4 KB
636 B 95ms
42ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 14:12:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Jun 2022 15:25:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jun 2022 15:25:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9DA2 205 B
742 B 86ms
25ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 14:15:48 GMT
x-content-type-options: nosniff
age: 4166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Jun 2023 14:15:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9DA2 604 B
695 B 86ms
26ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 10:43:53 GMT
x-content-type-options: nosniff
age: 16881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Jun 2023 10:43:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/ Frame 9DA2 19 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:12:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D52 42 B
64 B 113ms
59ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZLN9MJWdk_tO9qs69KjK7DPouaMWXoTJEi6oP7tzHsN9RnP3v4jOibEWMoW0FjsFyDYBYv6Rdsa4B8NZ9FwCzAZM&sig=Cg0ArKJSzF80l9s_TKlPEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2335642084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656257113467&rpt=363&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E82B 42 B
64 B 87ms
60ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJl1llSjSIqyg0jRuWa5LgJF19-eyAK33wJHG_jxKCRP6J5I3eZLkRlVW-DScirlOm_nvmqBvQBdIBj-ZE6DHKyZo&sig=Cg0ArKJSzMlr4Dj21R30EAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3916771214&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656257113458&rpt=388&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 78F4 8 KB
893 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 14:57:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Jun 2022 15:25:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Jun 2022 15:25:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 78F4 2 KB
902 B 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:20:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame 78F4 21 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:24:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 78F4 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:21:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78F4 137 KB
42 KB 100ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 78F4 17 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jul 2022 15:22:52 GMT

GET
H3 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 78F4 31 KB
13 KB 82ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 05:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 05:26:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E07F 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLgliaGD4gUiDiE3ZeKdFeumOyZwCgu4xa9kUzBdtZmFRFx1ZygDbmt0Yqfmp8PknbZSv0oXcdPGba-j3nkeIla3I&sig=Cg0ArKJSzIFXLfX-QPxAEAE&id=lidar2&mcvt=1019&p=0,0,250,300&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=2335642084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656257113472&rpt=402&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 54ms
53ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257114960&oz_l=7814&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 all
csm.eu.criteo.net/ Frame 7F51 0
127 B 41ms
40ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3775 35 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:06:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 15:06:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EFCE 0
127 B 29ms
29ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:14 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame D438
Redirect Chain

https://www.facebook.com/v5.0/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.1...
https://www.facebook.com/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123gre...
https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123gre...

137 KB
32 KB

268ms
268ms

Document
text/html

2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a302c57fb4611abd23f16c342b2d3ba7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abd154dc93c4c696ffa85bf86b02ce6be8bce363c54f8a97862424e6910d7c39

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sun, 26 Jun 2022 15:25:15 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ir1m1rqM3yaJWZqvHLHXxpoW4gqRufczI5ik3fEOuEmfpHycQqZhd4MT0aLma9qTngQH8OKwa4cyAt+hPbGcHQ==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Sun, 26 Jun 2022 15:25:15 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600
priority: u=0
strict-transport-security: max-age=15552000; preload
x-fb-debug: O6jZssWMwgiKpXuYNYNQ9rgwnBziJzMUe49PFhBYTkcPjeFlTgMv6kFNMNzqgedPiEvVX8OfXI2ekBUxHcM+EQ==

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
27 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6a8688eb53bddbca9b000f4a4222c0de33094034ee881417a7ad3e8339de13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28123
x-xss-protection: 0
server: sffe
etag: "1256 / 722 of 1000 / last-modified: 1656108497"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Jun 2022 15:25:15 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DBC7 0
127 B 22ms
21ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Jun 2022 15:25:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 pubads_impl_2022062201.js Show response
securepubads.g.doubleclick.net/gpt/ 373 KB
127 KB 281ms
9ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 11:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129224
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 08:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 26 Jun 2023 11:05:42 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 655 B
884 B 61ms
25ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ab1583aeb8904fea5d6cdfcf8dd375e9866688ead8da67e0fff548887a185aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Sun, 26 Jun 2022 15:25:15 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
24ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 221 KB
24 KB 800ms
765ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=113089884851684&correlator=1299989199060247&eid=31067746%2C31067915%2C31068209&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_Showcard_LB%2CDesktopWeb_Showcard_EcardStrip%2CDesktopWeb_Showcard_Mrec%2CDesktopWeb_Showcard_LowerMrec%2CDesktopWeb_Showcard_BottomLrec%2CDesktopWeb_Showcard_EcardStrip2%2CDesktopWeb_Showcard_LMrec1%2CDesktopWeb_Showcard_LMrec2%2CDesktopWeb_Showcard_LMrec3%2CDesktopWeb_Showcard_Video%2CDesktopWeb_Showcard_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C300x250%2C468x60%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1&ifi=10&adks=2931586391%2C97135718%2C2334180326%2C912788858%2C619234847%2C3674860380%2C36811275%2C2261275357%2C4099441217%2C1380049161%2C265943010&sfv=1-0-38&ecs=20220626&fsapi=false&cust_params=site%3D123greetings.com%26section%3Deoct_sukkot%26page%3Dshowcard&sc=1&cookie=ID%3D405d2d8859519f60-22dd7c8108d300c6%3AT%3D1656257113%3ART%3D1656257113%3AS%3DALNI_MYdIIc3JvzV19hCkBdQ8cQ_CJTUZg&abxe=1&dt=1656257115633&lmt=1656257115&dlt=1656257112780&idt=2830&biw=1600&bih=1200&adxs=-9%2C401%2C-9%2C-9%2C-9%2C402%2C-9%2C-9%2C-9%2C310%2C321&adys=-9%2C239%2C-9%2C-9%2C-9%2C929%2C-9%2C-9%2C-9%2C2547%2C1021&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C612x60%7C0x-1%7C0x-1%7C0x-1%7C591x60%7C0x-1%7C0x-1%7C0x-1%7C983x2538%7C628x0&msz=0x-1%7C468x-1%7C0x-1%7C0x-1%7C0x-1%7C468x-1%7C0x-1%7C0x-1%7C0x-1%7C980x0%7C628x0&fws=2%2C0%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=true&btvi=-1%7C0%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C1%7C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4adb7232d4d047fc05718c5d4c62210f5793490300588dfb371025a4ec88b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24047
x-xss-protection: 0
google-lineitem-id: 5292193851,-1,5293205434,237051735,4684787180,5185910330,5054488047,5054615482,5305849375,5984529975,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302591891,-1,138302527698,99278132415,138234273911,138289342963,138269507485,138269508478,138304012243,138388526769,138321279906
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81CA 6 KB
4 KB 77ms
17ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:15 GMT
expires: Mon, 26 Jun 2023 15:25:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame D438 721 B
449 B 27ms
10ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: lFH2XE5XyPioRf0t/yDlyfu/hGcaf4lpV3PlTzuMeEDfMEMQLZeRz57EdF8TXnYhD4CxpuySKBBbQ4aatTFtOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 16:34:18 GMT

GET
H3 200 wvZWaQbGrTr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame D438 125 KB
20 KB 28ms
12ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4SeHpPROPfPtACyhfXFABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20389
x-fb-rlafr: 0
x-fb-debug: gh92m9HPBlg5dMQb0SJPItyIGemtAmEKPoSNZ5qrL6pDIshSdaEmjoSTBqOVf1om1LBkazknHeOaXgZKqMbEVg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 20:03:19 GMT

GET
H3 200 rPnhFdgcah1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame D438 318 KB
86 KB 70ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/rPnhFdgcah1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c5201272b39ae8fcda1b239ff6306e29c8cd22c4d555e01170501c24d77aa39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 89Vd16g0hMjyXUOavXUrrw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87729
x-fb-rlafr: 0
x-fb-debug: ZqpZkXzhb1EvzrGiPg5FfZCr78knzS2QKCb2Iv6vEqMHqjQ4+R3QXSIjqXqLHwHvY9jKdMpHr6GDyHHGbEyL3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 20:08:24 GMT

GET
H3 200 1H0BqMo_5Wo.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yQ/l/en_US/ Frame D438 152 KB
42 KB 36ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yQ/l/en_US/1H0BqMo_5Wo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

006f82612d2a260e9ceb884c3e927eab200cc49a4a774a80953ce48a5bf16c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vvaWjMC2siSLOPUCqeXOYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43077
x-fb-rlafr: 0
x-fb-debug: OCvq1GOdyB8yLbqR8HuMjkI+mNV1N/7/GzalzLWxKHoRpTElM9Nhyxb09ro9BxBuOYgn827Cu5Pq/KzTYCnUfQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 21 Jun 2023 23:33:21 GMT

GET
H3 200 ZyWcqRwVFBp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame D438 32 KB
10 KB 47ms
31ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/ZyWcqRwVFBp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6b856f855c31fc208d90711a6f1a4c678f6e0f5abe7a7776acb71963bc5c2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4ePFTm1+QyGPRKHpje/+Uw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10271
x-fb-rlafr: 0
x-fb-debug: l5CVrEWL4r7262L/j+4ZQ8OQMfTf6A1kL84TTpVuLtJ68YXjmlsnxV1gsqP7hVYSCv7uEZKmfYQQJuY73SDcyQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 23 Jun 2023 20:33:42 GMT

GET
H3 200 RQ1VvnlluDx.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqDT4/y6/l/en_US/ Frame D438 1 MB
336 KB 48ms
32ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqDT4/y6/l/en_US/RQ1VvnlluDx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da232504483309c1b54516cd60e47a631e9153ee8676b680d39f28fb478aaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VIq1b66aOgX9wUYezd0bkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 343742
x-fb-rlafr: 0
x-fb-debug: B6l35h4UeTiXpiy9Wqi+AtdcMV9+70Q26tz3RhXVYr13PiM+JJYp0GPNqg8pE2+jCRYOnfeRrVA/s+1VoGjj6g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 24 Jun 2023 20:26:03 GMT

GET
H3 200 KM4vffuo-0L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame D438 2 KB
842 B 26ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHjmWcicjHzSu82QnUDDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 788
x-fb-rlafr: 0
x-fb-debug: xD7sySzcMHSL+nhDQoOvyd6SPlJGD49N6Fm9V+1lBwjdRpMGpw9Id0vmyV62mbJchPKiZd1R5jXOs9cCj6szlg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 17:02:45 GMT

GET
H3 200 AeDYPw7COGr.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/ Frame D438 42 KB
12 KB 27ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/AeDYPw7COGr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60a7086329479f1f78740a078f2cd495033ab02c9dea5381859a027a34897673

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7XT5zc5ueKWeh83fQkZ+kA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12607
x-fb-rlafr: 0
x-fb-debug: 8vi3E+NWa9slyFxvFeA2yL66qEqEHHZ3BKMF/zYiRd1uCJ7dnJEmdtpR6P0ZgJGV2a/i5r6UQOBWOzZCzD/zmQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 02:31:10 GMT

GET
H3 200 54A1zBzElGm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D438 145 KB
43 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/54A1zBzElGm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/rPnhFdgcah1.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d40154580101614f2c16eff8ed83ecf1b952f053a06b3eff2219b71b8322fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KQE7mHhc3sLEEEL3DyZi/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44288
x-fb-rlafr: 0
x-fb-debug: 3t+Fi6Gs5ns8WcyZt9jN5FacuD6nllELDak3myvHJZs8CovCOThDnfVCYl7mgBa5NJ3BmqeWez6Y1v9qTmCcvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 20 Jun 2023 15:50:37 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D438 251 KB
251 KB 23ms
10ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: ODMp5NlYmJ0TAswHXpQoPaR3CEjZFD25KFA/q+4H6gJ/8SfOCYsd1NFBAi5QNO/9aVMRNEXtJ32Avb2IFC53Fw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 23:32:40 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame D438 1 KB
1 KB 15ms
11ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:15 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: lzAGfSUx4Uuqz9JKwQusAwKXmncUD/B6M1NbqIhYP1cYgAy8cVd0oDapUU2SIUQTONS4jc8i0cPJ3Z3f/5O0aA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 01:40:55 GMT

GET
H2 200 286915604_10159940975681684_3887818468353665626_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/ Frame D438 1 KB
2 KB 189ms
142ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/286915604_10159940975681684_3887818468353665626_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0lJMk-NZe8YAX9xW0yK&_nc_ht=scontent-frt3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT8LGLEO-8juf0_3EajzSrhjGW55THrEonJDspZYmh5lKg&oe=62BC9385
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2342eb44124a64%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff45b7fb52dadb4%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0df374cc63fa5bcde7fd867768ae8e4e4e1494eff6675ab9215be928c91407d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-haystack-needlechecksum: 3883821520
date: Sun, 26 Jun 2022 15:25:16 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 10 Jun 2022 17:32:59 GMT
x-content-cdn-origin-ts: 1656257116014
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1607051733
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 10aW0rkc7ZP5JnKaXcMNnHwxvbKYX0IjnEcQjAK4kgjjdut4zZr0YAS0ixod_1FhB-drLa04oxl0gyvTOs_5zA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2284989880
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1380

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 35ms
35ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220622&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14833a575481bca18028db93db502141ea735fd86d7cc4a54f98b5f820f368a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10501
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22FA 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:06:36 GMT
expires: Mon, 26 Jun 2023 15:06:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5554 783 B
1 KB 41ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74d5fda42d591bd70508ae2b7a2dfa92d4ff3e5ff6a6a39ad05589700adc4baa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r8cPxtP7dotPm5qoQC6LnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-r8cPxtP7dotPm5qoQC6LnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Jun 2022 15:25:16 GMT
expires: Sun, 26 Jun 2022 15:25:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 22FA 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:06:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 15:06:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5554 0
0 49ms
48ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220622&jk=113089884851684&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 22FA 0
9 B 10ms
10ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aIctrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220622&jk=113089884851684&bg=!GxilGFzNAAZlcKWdRXA7ACkAdvg8WgmPvK8bA0hwtz4NeQFAZdtI6sSOmqrfs380W0ZzwhACoh6ZNwIAAABiUgAAAANoAQeZAqw-aVSJJEiTB123NHcXLZ3mJy17-bPCn9-Pvb0dIJnIbFULO9uJW3ezRlgXWROgsURX2TQjTIPfdkNq_gtG_cKQ63MDpG20ja-aYhLeWfUG_lUKFxT9pqzoCy3WHSu4PsEmWn1Tp4GuA1kkqaPcChuMUOMJh79RNAvJFe-JU6qzuJxuWcv8oTE0dO0PH4bNTF2r8Eg8AtWzWZTgwO9KEhMus_ze4GLcQOhiQVcJprSXCcVRJva4pKUbgg24gXv8KG_cjexzf_v0ja4E8j90huBzXBU9RmXSngZOx_hYOeQWayKfCR8sRb_M0jT3BetH7ed6ubW2eczhod791jMn34U7lSk6r4hLxDu7lbe-YPprUN0y5I1rx9ErQR6LYJoHK5Mdu0okx2MqPzzs3AOEAoMPApbZHMNpnCUeonuUpCsBdZWDmqD_bIahLJX0U6V0Jnus62QldF0DmbYPmCYTr9GWrel2N_6iDmZ-e0tq0gyBAhSM2R7gKqjh2QmgKu8ixZ05UgVmzZleLjwfOZ0p8XdXX-KAwADtxpxvtelcWRCY2-8LiRYAJH_mOj-gYq-8umuRWVv4qp1Bab7UwpvfW-9Mgrglq76_ilHw2d8nSK5em4v94wq7c7Hq_jnjOfsszrgHQqZp-CrbxDteWiPmUKuUTaLuQiZWbzji7BVM8pzfSVfzetjqXzOtDsx2o-lU4is-hJw2s7sqc2f_JgIqYSNsaqrbSz-mlhTWePLPSNoXQ7XLCR1NkFyXGnvZ72uAxBeVWlWk98Bc8nVNabJxwFsYN5mowKd78_GS90fiDdqiRim5-LDGv-WTNtnmznziBati3qvudRjEAFpctN5Zedw7yJhV6vxJ_lZ-CKD_13Q8aMb54iHGcwxpYz5pj7aYJ3H3FDCAcrRv0S8oZXY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET container.html
b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BDD6 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E82B 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5D52 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E07F 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 40EC 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 54ms
46ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLFwVirmOdntmoq9UYxzZsVFjBu29kzbOgju4ZoEv_kJdhk0tHSoeuuBVuo38rxSOacdtpO_okfbHXHI6noKtMPP47bmBdXnfqvEbWpPTvuojCusv8n7dBgsMVVVdYpXvpfLOP1Gy7B5uAFZqZyHLXjulkMQ3W-GZl5L7tljF3nOZ4S6M0cNkPyP_OWgN1snvSuAZE6nTWYTtp26DTBr16ojAjCzIa2gRHikw7jTAzM5dmzPkwdPQe9SZEDXfIV11wY_S28t3nAIlxDoazDCHOLW230J3hDNZw86YSic-lr7A_7aEvSHeSNoTM2T4qeaCNGVi7vWl0EA9OiHUlo6OJ2W5tN6b3cQ&sig=Cg0ArKJSzCZ9OvaYqC3qEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 137 KB
42 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 15:25:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 54ms
47ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttZwb3uLlh4E9hf8jf8mAm9k2HmAJzmXSJvdmXzi8oii68Ki8wU8aG3wtUMlcZsXMSdYYhK0nLdPcTdiQMM-x4KxHoKtEhSPSUPDZxaOt04n5ZIuO2j1RfOeGTGxZXLlyyAxSC_lkV3ejPDdt1Ks5z9VZT0pBHKIXgZwHEIL_gvWlKapOeQRNujvmliyTq1UoKRzRtENvlOjfndIaNjrz3NoRduoG1HB3tT9ZrT0kwZNwXe9sNF2saYDD85HGrJDEdzev1jlir7wmUmT9nD5U89_Vf_jS10EHi_JYy_flvdt4H5hzl2xyfeUQ2b_ssRQOWlPEsZME_XWUVPii1EXs1udhV2B0&sig=Cg0ArKJSzHumF2kSWEp_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK spt Show response
tg1.selectmedia.asia/api/adserver/ 17 KB
6 KB 327ms
210ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6805
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6805 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5bdc5d209300eccd1e7ab4def8279478af47b302e90641a04c46b2f3eb869ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 15:25:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5560
Expires: Sun, 26 Jun 2022 15:30:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 52ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv33UMqW_Od5Fy0vBWrbote-8NXCrXdIOBw_c8CmPGZXNHAbiHAmPp07yb4t4xDHlP9Dnl0ZlUCXFUmGvPzkanM1-WIMZ-Z3br4VKUF32ONS7uukg31Vc1ZCSfJX5Vo9IGIQMSAL0DB9kj_KgBJnGOOHLKSz2eB2swfU5bIu3szgvzj2bzYE4x-MVPeru2VyQ18kgx7ABA5HkQH1DOHJR60xAKyg1mp0yAzjpSxy90NrKhAnyI7XFn4AjUvJHtwtlEj6PoOrNMQta0oOE1-d4fXlJNuLztjg47yvtkmj9LBRgCivNmPDHYtt9J_BSVHEWjK7DBs8gdv0HXg5kvxDI5b6a0pVKLGlqRu2w-bhtQ&sig=Cg0ArKJSzDaMSwqbLURSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 32 KB
33 KB 99ms
11ms Script
application/javascript 2600:9000:2156:e400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 02:57:39 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
age: 44859
etag: "d29171b34ea93548beb17fd35f5b439b"
x-cache: Hit from cloudfront
x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 32876
x-amz-cf-id: 74xsfOzvLqpzf6obAmqi0o8bO6ndAefKOPjEy21GTxOaxTmRQYtaAw==

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f13f3c99b2bae0afb88c9868039890b32b062b661b04aaec49fa42c6f7be3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 9 KB
4 KB 103ms
32ms XHR
text/plain 2600:9000:2156:e00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca22e2480ba845158c3c1c6c7bcfaaebb155268da322331463f5d241d6650e53

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Jun 2022 10:39:00 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 10:34:35 GMT
server: AmazonS3
age: 17178
etag: W/"64576d7f8269abb716c5b94a7edb2f2d"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _eGA7YenR-jPKEPx8NLD_3C6uMPJL5vlZREUdxiqE5obYp0Y7Q5JHA==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 9 KB
4 KB 100ms
33ms XHR
text/plain 2600:9000:2156:e00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca22e2480ba845158c3c1c6c7bcfaaebb155268da322331463f5d241d6650e53

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Jun 2022 10:39:00 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 10:34:35 GMT
server: AmazonS3
age: 17178
etag: W/"64576d7f8269abb716c5b94a7edb2f2d"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7ullXtuwudpud7c6A4X88k45E9dNKTk2OdiLVOL7xLt9jgixaUJTnQ==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 532ms
160ms Ping
text/plain 52.36.72.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.72.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-72-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 528ms
156ms Ping
text/plain 52.36.72.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.72.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-72-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 8B47 46 KB
17 KB 53ms
24ms Document
text/html 2600:9000:2156:e400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40353
content-encoding: gzip
content-type: text/html
date: Sun, 26 Jun 2022 04:12:45 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id: Xb-ggE3rCFklVJT3iutyp2pMo1EOZRuCJ5huPJd3K_-7lzcEkqwDxA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 8B47 221 B
984 B 158ms
158ms XHR
application/json 2600:9000:2156:d200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ff10040dc425d3a0b5b57d435aea695a9ac60f14fd6205bf68837df04978c3a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 221
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sun, 26 Jun 2022 15:25:17 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: -gBMDz202zYqN4BOrX6LhhhmiltTQLcp68CI7zx6YHM1fHVpt6AqSQ==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 238ms
156ms Preflight 2600:9000:2156:d200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 26 Jun 2022 15:25:17 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: qO1-_mNuahPdA8L1Otq_Qk3_VQ5QbtZX-q53s0O4r-810yXnpfq2Cw==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 89ms
18ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 29d30419216381165b76642a42b4e1c3a6e68aa79bff56f4f1b5863381229c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvd8nIERIRDlMA_4Qh4KEGLTilJiRSgSIGI6CWSY_uhguYLLFlGBRpwkRHlrEOl9HNMJm7vJ91uLdHqBmWXTZFFH86Nb3OF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9741
last-modified: Thu, 16 Jun 2022 09:56:53 GMT
server: UploadServer
etag: "cf1fcbaa18e5cb6d15bd85da1070a967"
vary: Accept-Encoding
x-goog-hash: crc32c=vmTpTA==, md5=zx/Lqhjly20VvYXaEHCpZw==
x-goog-generation: 1655373413809339
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9741
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:17 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 323ms
100ms Image
text/plain 34.226.74.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&cb=1656257117526&r=www.123greetings.com&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&e=playerLoaded
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-74-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 0BAF 380 KB
108 KB 18ms
18ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: abbc9188a88031ac44b861e0c23bdb342107b93d4a59afd12505360678d87896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtLnUT_orzrrIiSPATSyteGiJ7wPtkl6m2n64v52M71oyGG9EHwAKfyC3Pz0eOB_p2RNu4SmNPpLl4Idh3uRA7Cb7d-PpqD
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 109620
last-modified: Thu, 16 Jun 2022 09:56:53 GMT
server: UploadServer
etag: "bb6b8fc88deeed3c824792c42387ec8f"
vary: Accept-Encoding
x-goog-hash: crc32c=f6aWXw==, md5=u2uPyI3u7TyCR5LEI4fsjw==
x-goog-generation: 1655373413708625
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 109620
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:17 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
97ms Image
text/plain 34.226.74.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.31&apppkg=&fv=3&proto=https&pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&e=inventory&vi=100&cb=1656257117753
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-74-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
4 KB 910ms
152ms XHR
application/json 34.227.134.231

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&AV_PUBLISHERID=611eda6c0903a33c051dbc64&AV_CHANNELID=611edd025340b7439c55794f&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=611edd82ba4f701d4d14c7dc&AV_TEMPLATE=611eddbb0ab5df1de52e23a1&d36=6.2.31&responsive=1&sver=2&avtoken=117752&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1656257117783
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.134.231 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c16e0875dfc7d6ccf5aa5bdace41e9cc3fca37a52c7e577598090c4ace9214be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 15 Jun 2022 01:38:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 84ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR0WZaeGhdewXHaq3lP_P1y9ZX9fRl3cZFi8Cl80QX_VxpzdJ9BYF6ydwWt8ryBHd8iFZ5YBM9bfh5x_wQNrRO87Q_C9WDIzcZzB37iv9LYttpJeEEeJo5OKhBZM8rwe60dbNltovXvB2qcD9FxBguobpHPF9uLxUXJ7DBSw2iV5MNNcygBP7cN2scPFMkDXFtpjocWH6W2xVg5aBQB6MTjZ-JjP07mI9xzYx6H3QzhRSaRdGwzio3ftavSlPcHBfDIxaMqpSCUQCRjHsEcRNL_HNsYw2k_FAcwJYN_fRC4gGfXAmanIsf_LaIEqnQAnr9aMKWQW4CJRdHZ-NyU-ANOAoEWWJHFk211hPLgr_Xzg&sig=Cg0ArKJSzNeTMq_yyErXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jun 2022 15:25:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 26 Jun 2022 15:25:17 GMT

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 106 KB
33 KB 11ms
11ms Script
application/javascript 2600:9000:2156:e400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5790069eb5aa4916aa8aba9631bcf4de494497af3c0fe7ca977012f7bd80d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:11:48 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 08:00:33 GMT
server: AmazonS3
age: 69210
etag: W/"a33accd549ac928235c21d42300be3db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CFoUPiZLDdqfICxZ_ER0GYdzCUEx2C0C
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: OPxp1Ew-jlY0WDYJSmbYOVnSORKuoQzJZ_tsBvo8SL7_sqrG8q4aWg==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 106 KB
33 KB 16ms
15ms Script
application/javascript 2600:9000:2156:e400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0890299bdc1093ad7d084828d6bc597915c555e3b755e45b6640f95246ae80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 08:34:03 GMT
content-encoding: gzip
last-modified: Sun, 26 Jun 2022 08:33:59 GMT
server: AmazonS3
age: 24674
etag: W/"f3bc8ef7ef439c76b0e62f8679b5d10e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: FlQBk2k7AROmZ7ieQ5YvdtBax0Rqn01J
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: R2WWXsbk4_GxWp7W9qj2mRD1lzlLDq4lfb_ZiEiA2gqOLLKDpQkwcA==

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 161ms
161ms Ping
text/plain 52.36.72.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.72.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-72-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 3 KB
2 KB 159ms
159ms XHR
text/plain 2600:9000:2156:d200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&eu=true&country=DE&hour=15&amp=false

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.123greetings.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: 91jCtWJQihPH-EDGhKQZxiMPdqB681iI1MlI5Ga9q2ZSWoSQe-MNLA==

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 161ms
161ms Ping
text/plain 52.36.72.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.72.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-72-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 0
0 154ms
154ms Preflight 2600:9000:2156:d200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://www.123greetings.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 26 Jun 2022 15:25:18 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: lniUeU1ev2P49migh96yrymwmfD8OsPiiDJV4cUPjCg-jZBhBcjH7Q==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 162ms
161ms Ping
text/plain 52.36.72.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.72.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-72-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT

GET
H2 200 3.video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 22 KB
8 KB 17ms
13ms Script
application/javascript 2600:9000:2156:e400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/3.video-loader2-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7c2eb78ee1c7c5cc5791e0278689a313aa6e7d730100efa193b3594ac54f7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WFSHriSNtuXUcNi5970mz5yl3iGr7gk8
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 08:00:33 GMT
server: AmazonS3
age: 33498
etag: W/"6865073a7c99522e930e72ff819aedf9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
date: Sun, 26 Jun 2022 06:07:00 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8aVDY9CaSGzIO8hxAbynsxy2hhTntdI43HrYEDxdKivhIXYT2KRzjQ==

GET
H2 200 adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
474 B 27ms
17ms Script
text/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2-cr.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
x-guploader-uploadid: ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2
last-modified: Thu, 14 May 2020 13:22:36 GMT
server: UploadServer
etag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 2
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 26 Jun 2022 15:55:18 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 54ms
53ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 29d30419216381165b76642a42b4e1c3a6e68aa79bff56f4f1b5863381229c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds4wZl--2xT5levWZnU1ZmY7-tzw0jtXfFNEeAx3TO2EZVf-xP5Rlr9SJdKtx29zz25u8Q9PXbnNVGAu4r5nBJJpQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9741
last-modified: Thu, 16 Jun 2022 09:56:53 GMT
server: UploadServer
etag: "532dade28573cbedde21bf365b410075"
vary: Accept-Encoding
x-goog-hash: crc32c=2CP4Ew==, md5=Uy2t4oVzy+3eIb82W0EAdQ==
x-goog-generation: 1655373413777795
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9741
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:18 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5A2F 15 KB
6 KB 205ms
40ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1656257118609-929619316165-005982-014-000369%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=40818
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 26 Jun 2022 15:25:18 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 27 Jun 2022 02:45:36 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 24E7 3 KB
2 KB 516ms
40ms Document
text/html 23.35.236.247

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Jun 2022 15:25:19 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 0BAF 178 KB
54 KB 34ms
29ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdshBeU0iJW-vWEaFAw9tnyJs9MOqOZ_PtNLF6984Sy4YUTs1bMhkXqgpUkH2Ec7ZZBKL--KC3Nblp8QCLhJ4XwMMQ4FdzF6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Thu, 16 Jun 2022 09:56:54 GMT
server: UploadServer
etag: "80d69965155d7abf3e386cd37d9d2d0a"
vary: Accept-Encoding
x-goog-hash: crc32c=Ie9ohw==, md5=gNaZZRVder8+OGzTfZ0tCg==
x-goog-generation: 1655373414151560
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:18 GMT

GET
H2 200 avpb6.27.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 0BAF 73 KB
25 KB 49ms
44ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9349b46d2d5c59b60083217f00327f7f7ca3312cb9cd20ba819a2f9bf8906782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsoowej9-liOq95uNjep-AjXS1kygyVtqvroFQekSftxsn1PhWa0mO7RJmF9gwTQB4WBi_2-E6ewsM3zoIknuf-wxYO5Kkk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 24750
last-modified: Thu, 16 Jun 2022 09:56:54 GMT
server: UploadServer
etag: "5e05ce0b4c03a9bc706f5f238c9c13d4"
vary: Accept-Encoding
x-goog-hash: crc32c=6waK4g==, md5=XgXOC0wDqbxwb18jjJwT1A==
x-goog-generation: 1655373414230250
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 24750
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:18 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 0BAF 71 KB
22 KB 99ms
95ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdumFpX5TvApOyJDGolXRRozUHDB5i7VO1I4kUVIitd64p94krZ0we0C861cQjvNpu71kV1XdP9-GaZwcDHkQuCos0N1QxEH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Thu, 16 Jun 2022 09:56:54 GMT
server: UploadServer
etag: "1aa6ae4ae3671f3e9a4aba0502197ae5"
vary: Accept-Encoding
x-goog-hash: crc32c=Yf4XsA==, md5=GqauSuNnHz6aSroFAhl65Q==
x-goog-generation: 1655373414234097
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:18 GMT

GET
H2 200 avpb6.27.0a3.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 0BAF 66 KB
20 KB 99ms
95ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtDHmnl0k4Zs3COHOf4xJvzjcAMTtwyGW1ppp_S2sbRGzPG_G_6iyyUCMYKnDHFf6Zwm0EIQ4cWlgSWkkr6xb0DDjDMrun6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20155
last-modified: Thu, 16 Jun 2022 09:56:54 GMT
server: UploadServer
etag: "9ab752ddf7f21e3d68cf56ab5737a1d8"
vary: Accept-Encoding
x-goog-hash: crc32c=ES5Cog==, md5=mrdS3ffyHj1oz1arVzeh2A==
x-goog-generation: 1655373414307246
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20155
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Jun 2022 15:30:18 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0BAF 140 KB
39 KB 527ms
61ms Script
application/javascript 143.204.93.3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 26 Jun 2022 14:59:11 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront), 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 1569
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: feJ8XSOiunnLYmYE-3O1-BKo8SpvD2yi1PM5MA7yoWh-iL9fdaLRsA==

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
119ms Image
text/plain 34.226.74.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=23996&t=1656257118&cip=146.70.117.70&sn=&tgt=0&osv=10&bv=103.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1656257118609-929619316165-005982-014-000369&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.31&cb=95086067649&d39=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=request&cb=1656257118712&asid=623daf9810ba54791c251d39%2C613097796588a4043247f862%2C6139cce9d1a4d007246dc416%2C620290f4539a472cae35c509%2C61f27d6798c38c4651179ae7%2C61d566284039f6201a7b3bc7%2C61f7a1ed31362927237ede55%2C623075011246244f112d2344%2C62208fddf3f8cf0965576d95%2C61769242e6ba0465685a0084&ofpr=%2C3%2C1.7%2C1.48%2C1.5%2C2.1%2C2.1%2C1.8%2C%2C2.38&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-74-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
834 B 116ms
31ms XHR
application/json 37.252.172.37

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

706a71395182d75e261d917b90ea37bdaef651e6035cf3c9f2bbcbd73048e4f7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 26 Jun 2022 15:25:18 GMT
X-Proxy-Origin: 146.70.117.70; 146.70.117.70; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e41c3760-5b15-44da-ab4a-f60f97f6daf6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 120ms
33ms XHR
application/json 51.38.120.206

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.123greetings.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
640 B 195ms
72ms XHR
application/json 104.18.19.126

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=711670&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2258fd39f507f406%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226b44d13b57f274%22%2C%22ext%22%3A%7B%22siteID%22%3A%22711670%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22skippable%22%3Atrue%2C%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A1.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22selectmedia.asia%22%2C%22sid%22%3A%22611eda6c0903a33c051dbc64%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 680f9c894c561a707001437835a1575773cf9fa4a4448a08db668e0fccfa42a9

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Jun 2022 15:25:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDjrxtPMXHid66m0ocwsrHPy4ybvkD4JqxAiCX540dX4muvBHG45CSLd07nYCecAy2bTlUxs7WTXu%2BeDMq%2BSFMBnLz42zk7fJzLAsNbctSkBoW%2Bp7oHtC1FuLWuyOXwTtu3DZI9r"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7216f471cda43afb-CDG
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
510 B 181ms
97ms XHR
application/json 18.195.191.124

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&tmax=7000

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.191.124 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:19 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 208ms
89ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Sun, 26 Jun 2022 15:25:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
401 B 154ms
34ms XHR
application/json 2a02:fa8:8806:20::2100

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ae61f90ac1be563a81f1f936f4a3436759b9c9b469450fb81a76de00d3ac7cc2

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Jun 2022 15:25:19 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
19 B 191ms
119ms XHR
text/plain 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Sun, 26 Jun 2022 15:25:19 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
197 B 169ms
96ms XHR
text/plain 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Sun, 26 Jun 2022 15:25:19 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 144ms
31ms Preflight 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 26 Jun 2022 15:25:19 GMT
server: ATS/9.1.0.46

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 143ms
30ms Preflight 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 26 Jun 2022 15:25:19 GMT
server: ATS/9.1.0.46

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5A2F 0
42 B 287ms
52ms Script
text/plain 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95957665&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1656257118609-929619316165-005982-014-000369%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:18 GMT
content-length: 0

GET

https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Frame 0457
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

0
0

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 74ms
73ms XHR
text/javascript 143.204.93.3

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&pid=S6dXVHcOQQ2kL&cb=0&ws=0x0&v=8.0.1&t=8000&slots=%5B%7B%22id%22%3A%22SM_400_300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C611eda6c0903a33c051dbc64%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:25:19 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 4XNY7AYXCMQ4SQSVV6DY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YwpYG7eaUI6JrsYSDoZl1wv2c8yaqfjEap1-DTiaSudUkialsHujGQ==

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 84ms
29ms XHR
application/javascript 143.204.93.3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 40945
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 07:15:00 GMT
server: AmazonS3
date: Sun, 26 Jun 2022 04:02:55 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YHNG6276eTC6VAG4t8VdB65A0JHPH9126yUCbej6-sbUXWkUxaH7cg==

GET track
track1.aniview.com/ 0
0

POST
H/1.1 200
OK postback
s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/ 0
145 B 48ms
46ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cccobh.com/2/2.62.0/945541/AVninugIEeYZPUqJ/postback?dt=9455411647029059265000&mo=0&si=main&ui=&c1=country_&c2=loginid_&c3=connectauthcode_&ci=945541&pd=acc&sid=AVninugIEeYZPUqJ&oz_sc=8866cc37ba2c7013337329b1&oz_df=1656257119367&oz_l=299&cv=3
Requested by: Host: s.cccobh.com
URL: https://s.cccobh.com/2/2.62.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Jun 2022 15:25:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com
URL: https://b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJl1llSjSIqyg0jRuWa5LgJF19-eyAK33wJHG_jxKCRP6J5I3eZLkRlVW-DScirlOm_nvmqBvQBdIBj-ZE6DHKyZo&sig=Cg0ArKJSzMlr4Dj21R30EAE&id=lidartos&mcvt=3315&p=0,0,90,728&mtos=3315,3315,3315,3315,3315&tos=3315,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3916771214&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1656257113458&rpt=388&ec=0&met=ie&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZLN9MJWdk_tO9qs69KjK7DPouaMWXoTJEi6oP7tzHsN9RnP3v4jOibEWMoW0FjsFyDYBYv6Rdsa4B8NZ9FwCzAZM&sig=Cg0ArKJSzF80l9s_TKlPEAE&id=lidartos&mcvt=3346&p=0,0,250,300&mtos=3346,3346,3346,3346,3346&tos=3346,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2335642084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1656257113467&rpt=363&ec=0&met=ie&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLgliaGD4gUiDiE3ZeKdFeumOyZwCgu4xa9kUzBdtZmFRFx1ZygDbmt0Yqfmp8PknbZSv0oXcdPGba-j3nkeIla3I&sig=Cg0ArKJSzIFXLfX-QPxAEAE&id=lidartos&mcvt=3285&p=0,0,250,300&mtos=0,3285,3285,3285,3285&tos=0,3285,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=2335642084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1656257113472&rpt=402&ec=0&met=ie&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8tlVqodkfymuwpn8iwYJaOJXLXdAHl3B9nXDhJTNarrfRZEeoRafH0b31SllAXbZs7q9S9kb2rzVfiuN93dPJ7oI&sig=Cg0ArKJSzJacIiSAchVZEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2335642084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1656257113485&rpt=403&ec=0&met=ie&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com%2C%20r12.lb.indexww.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef

Domain: track1.aniview.com
URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=23996&t=1656257118&cip=146.70.117.70&sn=&tgt=0&osv=10&bv=103.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1656257118609-929619316165-005982-014-000369&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.31&cb=95086067649&d39=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=bid&cb=1656257119345&asid=623daf9810ba54791c251d39&ofpr=&fpo=

Verdicts & Comments Add Verdict or Comment

493 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.jpada.com/	1970-01-20 04:14:21	Name: AWSALB Value: eFA2yFIzMhG0KLKqhiTOygDOWHEIJM7/82nuiN2zW/FVjWqCcp4uZ4tVCGc50N1plgWMSJjsZeVBVWslbEhsdC1w1CnKusWJUK/8VaFHh31mhLV8NLAPWYShmXz+
.123greetings.com/	1970-01-20 04:47:29	Name: RV_cardIds Value: 121029
.123greetings.com/	1970-01-20 04:05:43	Name: custom_mus Value: 0
.123greetings.com/	1970-01-20 21:35:29	Name: _ga_47Q5QDHYDP Value: GS1.1.1656257113.1.0.1656257113.0
.doubleclick.net/	1970-01-20 13:25:53	Name: IDE Value: AHWqTUkyWIywad64Z5Be1j1AVrPt5gqBgm0e_xC0WjNy9P4GyQQFTNE1lBWDbg5mmt8
www.123greetings.com/	1970-01-20 04:04:17	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=0
.123greetings.com/	1970-01-20 21:35:29	Name: _ga Value: GA1.2.1628213940.1656257113
.123greetings.com/	1970-01-20 04:05:43	Name: _gid Value: GA1.2.1320247254.1656257114
.123greetings.com/	1970-01-20 04:04:17	Name: _gat_gtag_UA_5085183_1 Value: 1
m.exactag.com/	1970-01-20 06:13:53	Name: exactag_new_gk Value: 02d6e95f5375444992a982c8f4164ffd%7c25.08.2022+15%3a25%3a14
m.exactag.com/	1970-01-20 08:23:29	Name: exactag_new_uk Value: 6f9019439ca9465bafce5d282177dc40%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 2a5f9e677f5648c1bcdf718b
.trkn.us/	1970-01-20 12:49:53	Name: barometric[cuid] Value: cuid_808f6aa1-7c11-4600-ad1c-376a6bf63fb9
www.123greetings.com/	1970-01-20 12:49:53	Name: country Value: DE
www.123greetings.com/	1970-01-20 12:49:53	Name: state Value: HE
.123greetings.com/	1970-01-20 12:49:53	Name: visitor_id Value: 14258265122080237770
.doubleclick.net/	1970-01-20 04:04:18	Name: test_cookie Value: CheckForPermission
.123greetings.com/	1969-12-31 23:59:59	Name: cnFbAtkn Value:
.123greetings.com/	1970-01-20 13:25:53	Name: __gads Value: ID=405d2d8859519f60:T=1656257113:S=ALNI_Ma0drbjxn9HlteJ4PNTbcXnn94bDw

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4056521106463804&output=html&h=90&slotname=1859592561&adk=3916771214&adf=3588316316&pi=t.ma~as.1859592561&w=728&lmt=1656257113&psa=0&format=728x90&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656257113330&bpp=4&bdt=550&idt=113&shv=r20220622&mjsv=m202206220101&ptt=9&saldr=aa&abxe=1&correlator=3469184984513&frm=20&pv=2&ga_vid=1628213940.1656257113&ga_sid=1656257113&ga_hid=1232483633&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31065544%2C31068188&oid=2&pvsid=113089884851684&tmod=1116761398&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MWNG7hAkno&p=https%3A//www.123greetings.com&dtd=127 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	error	URL: blob:https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b Message: Mixed Content: The page at 'blob:https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b Message: Mixed Content: The page at 'blob:https://www.123greetings.com/c2cdaa4d-d577-4b10-816d-01fe3297ba7b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js?cb=31068209(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://www.123greetings.com/events/sukkot/sukkot10.html Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef' from origin 'https://www.123greetings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
apis.google.com
assets.pinterest.com
avm.avantisvideo.com
b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com
c.123g.us
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.nl.eu.criteo.com
cdn.avantisvideo.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.123g.us
i.ytimg.com
i1.ytimg.com
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
log.pinterest.com
m.exactag.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
play.aniview.com
player.aniview.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.cccobh.com
s3.amazonaws.com
scontent-frt3-2.xx.fbcdn.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tg1.selectmedia.asia
tlx.3lift.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
v.123g.us
web.hb.ad.cpe.dotomi.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jpada.com
x.123g.us
b02749e2297f790ccf0433f5648e378d.safeframe.googlesyndication.com
c.amazon-adsystem.com
pagead2.googlesyndication.com
ssum-sec.casalemedia.com
track1.aniview.com
104.18.19.126
108.157.4.68
142.250.184.194
143.204.93.3
151.101.192.84
178.250.0.139
178.250.2.148
178.250.2.150
18.195.191.124
18.203.130.15
184.72.245.68
185.64.189.112
198.47.127.19
2001:4860:4802:32::36
23.35.236.201
23.35.236.247
2600:9000:2156:c600:1e:a43d:b640:93a1
2600:9000:2156:d200:3:748e:7940:93a1
2600:9000:2156:e00:8:9ed9:9c40:93a1
2600:9000:2156:e400:1c:38a0:8a40:93a1
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9c
2a00:1450:4014:80b::2016
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:c::5c7b:6805
2a02:26f0:ef:285::1931
2a02:fa8:8806:20::2100
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
34.226.74.25
34.227.134.231
37.252.172.37
51.38.120.206
52.216.16.123
52.28.203.152
52.36.72.203
54.156.107.70
67.27.158.252
67.27.159.124
8.241.9.124
85.14.248.71
006f82612d2a260e9ceb884c3e927eab200cc49a4a774a80953ce48a5bf16c8a
02a93cd280c4d3b3ff1943c0391713c691f52267163406fa9ec1900c1d2cab10
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0748b1af17b42aacd5da0fc667455bdf50152fb028a5e82b5a594a930c79cbac
078ceb82bf62496cd98ef21f68af01f24b929640f472124aba42f057df07731a
08eda977614755a59299ac72e3cb17b347d8795cd598b90598ccce4d3c60c1b2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ab6d4b2d4f6660e0cc5106868e09a73e955c90a0dbec418cb63bae5a04a713b
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8
0c0bf8c97c0f2f0ba103d6d71694807b37ffa37de08e21ff56586e939b4ef3da
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
0df374cc63fa5bcde7fd867768ae8e4e4e1494eff6675ab9215be928c91407d9
0e6fb84e11c6ef0e2eb33f845c6fbb8e7076f76b9baf0be4f64195b8c93ea955
0f13f3c99b2bae0afb88c9868039890b32b062b661b04aaec49fa42c6f7be3cf
119bf0b12ec8cba7da8621afec72a8c0ba3b0ed2dadf089f6689a59ef308ca59
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
12fb8c8ed06c31e003e41850935bca35d10e58f2aa0bb936d97f504417afd1a8
14833a575481bca18028db93db502141ea735fd86d7cc4a54f98b5f820f368a3
1624c39255bcec121ecc563695148c354432e070801a013c22235c87346621c4
172d39a0e72098c0900788ddc9dd241e7aad7babd36728b468a2d9e834ad1d6b
1c75dc0181018edcb5f31db29b6b65bfd996043907ca84cd0d3604e42f3149c2
1cef4986cd9ae115be788f37a61d5e61f5603b230339c33cad79e7914cf11a46
1d85460ec8abea55f97e87ee5e01fbd930d53abf68707c0223a58e2c2f362985
1e426922be3659aee73d75cb94fce492bca0a56ba476535a5e49fc8231a54a45
1ec0924d33feeea1101de8d1f6400bf1dbdfe44d530b28ed0d091f4f6eb541a5
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
235a345327b9f8550f7a722cda87248e784d4405870c541794b024b575be6e16
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
25e1f17f2825872b341284eddaaaccfad60e44b3ca986a7165769dfdcfd3c306
27d38b2bf6e2587c97b6f90924caaf92458968e2a33d8c529a1ffa2ffba8544a
29d30419216381165b76642a42b4e1c3a6e68aa79bff56f4f1b5863381229c35
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2da232504483309c1b54516cd60e47a631e9153ee8676b680d39f28fb478aaf3
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
35276e401d27d1f4ceb5f451cd11b25ff453808d2152e338e07b4b25978f25a2
38ed72a15a801af999542026224f11fcd4546cba8fa834910747a33f25818690
3c5201272b39ae8fcda1b239ff6306e29c8cd22c4d555e01170501c24d77aa39
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3ca8161dcad8f58f38fe385fa7d75b1451477f98458f7f6d7a9dcd2d3e3850be
3cf98874bd0b1a8d9a5d869e79ff72a74025bbfb399d908d8c6ce2f3298f2747
3ec8a31e13fcb12fc39c3ab5c20e1ce6198a681a113c0c02b0c23dad7ae382da
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
44b26297e1b96063514f448cd1b2f1601a62e6a422706a3a02d5184f87444073
491c13c9641a1d487a15f9bcd9472582978f15ac1404a0fff0ca93b8246b09eb
4adb7232d4d047fc05718c5d4c62210f5793490300588dfb371025a4ec88b982
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea523b7dbe12fbc91b8202548d8d4b96aa90af9040df7f8623dfe009548fd04
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
51706a930c7bfbdd3d479e02712fb47aa2f0f7748054468cc162ffdf5dc45709
5390fbf5ea2e6a10242e2ec3106e60dcee03accdb4f43075332ff082dc383064
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55abb13cc57f93a933ea0f3e5a5e1918c905685ee3a627498746fcfb05fc67db
5769bdfa40b03530aa926e7c9797008cbe2d22391f3767caab9e97a95c019cdd
5bdc5d209300eccd1e7ab4def8279478af47b302e90641a04c46b2f3eb869ce0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0b4ede9956b8fe3508e3d75d1ecfe66f2be8a76caa57ca023f2b9e25408ba9
5d4f372a72550e9dbad3c14b8cdc20ede9feb676418c091b438ab276f300f70c
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
5e6185bfcb30b603f7bbe3ca33712c86cca8a1a03864926ddd054d1fe5ff8319
60a7086329479f1f78740a078f2cd495033ab02c9dea5381859a027a34897673
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664837d2bb88ac17d1bc3d9c3e65cb23adf2ba6051d2c48dfe9c3dac555eb66e
66b930c528fcf1201ec716daf6685d909bc2497d9acfb2cf2182563de1c0a169
680f9c894c561a707001437835a1575773cf9fa4a4448a08db668e0fccfa42a9
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6a19eef0bcbdc0cf7bc226de1e966d894f60743a7b8ac36ac0dd3e0704bc86ed
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0a8c8d899c3a0a28219d8d7668ef0256652eee1bb63b5d96ba52cd3e18f03c
706a71395182d75e261d917b90ea37bdaef651e6035cf3c9f2bbcbd73048e4f7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
738db4924b849a16c3b0979e1562cda906374a9bc374cdb8a5b4df28734d76dd
73963f651883c39e1b16ff1f486dc3b7fd362c5f427df2adda0903fe1419674e
73c2fc7ba9bbd1be9687da8206f9ac6add76df7dcf813ee3a3becfc999c25925
74d5fda42d591bd70508ae2b7a2dfa92d4ff3e5ff6a6a39ad05589700adc4baa
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
773b64d02740fc44477cf3d53769a9e47915096b99a37a95ec7029d135e6f8b0
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7ed7edfa2d13fbf61f96ae8a4c6915a48862947e98b35e66110c697ee54b21a1
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7
82920682aeaf8d829ab19da39627483be0167e5a091ac57dcac8b34d5628e5fa
82dd4a981d9bdc00497c77c380ad77c848a6e5d0303ed1bb521a209a38c2380c
83024998e688b5b7d63451f125ff5aeba24ff875e10cc10201154ebeb3eaaf27
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8701c2e51a49f52a6bd437628efda4b9907c2f083e16b5b74111c2c71a46c2fc
88b108afe172ccaa440286f0786299af4b4801012a4b0dde7f58cfb5c03fcde9
8961bac40e3103c815ae9020416429332bb9a56b14f12fe5721fd54184400118
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
89fd4d03b990091c7350a2843f25d813fc720e7cc9f5501f1ca9be27813c3db2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8db02e3c36ac7d660d7f77f3be68d425d783b820cdf267db6f8c16381f134f13
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
900f4397ef051b9426b9394d95669de7036581a8d038954820cb0bf1b27ccb54
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
9349b46d2d5c59b60083217f00327f7f7ca3312cb9cd20ba819a2f9bf8906782
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a84239c1204d9f210f089f6c450809de4995f4f29e2dbe8280455ec1f315ac9
9b5686d5665228ad8b8e3bd8cd3ea18d40b49ee326488bc1c21cb029eebec577
9eb084612d63c1939ce99b714f5c030e5ecfce81c05b8adc4d2b2e4ffa1c76e9
9f86b2c9d77f3aae409f0a66f2bc2f2cdcba6234f7f259542a0bc4acc69507ba
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a0890299bdc1093ad7d084828d6bc597915c555e3b755e45b6640f95246ae80c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9f135f6c6578c61ecdae16d8ae575e781bdbbcd729cdda8bdecb76dc34f367b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1583aeb8904fea5d6cdfcf8dd375e9866688ead8da67e0fff548887a185aca
abbc9188a88031ac44b861e0c23bdb342107b93d4a59afd12505360678d87896
abd154dc93c4c696ffa85bf86b02ce6be8bce363c54f8a97862424e6910d7c39
abdd5d4b06aef3cae2f06af17353cb1adc72e3eadc118e1af0dfe1120e0a7d8e
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
ae61f90ac1be563a81f1f936f4a3436759b9c9b469450fb81a76de00d3ac7cc2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b085056e059cb0fbf72230f28ce3614d3a300b69205ce50f1c71bc844ac8fc57
b0dcfcdf9265f2b5fd584eaceb0b061430cb48808562bae32275176e2358e15b
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b24a2cb5992e8786101b34359e5b00b71cb48f654cbe9d0eb74133a7e45a569d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b47a82a711d1f38a445a42752dcd9f0d5316849ca7ca98795cf9ff9fcb84174e
b5790069eb5aa4916aa8aba9631bcf4de494497af3c0fe7ca977012f7bd80d4e
b6b856f855c31fc208d90711a6f1a4c678f6e0f5abe7a7776acb71963bc5c2ca
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
b8e9cf947ece5ab0c4ef7094c704ac9c90bee5fe3c1851898d50014f5be92424
bcc649e653b4fd96ff759065c7db898969e306c9c4c7ae3cbff8bc3091825f64
bcd23839e51a3a9454c3b44775b2a70b545790777e1b85e09bdde3f9f992de58
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c16e0875dfc7d6ccf5aa5bdace41e9cc3fca37a52c7e577598090c4ace9214be
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4023f688e0dcb87b8b8c2b03e452f4dd8b06b52aef71fcf54f31d2749eb3f61
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c41da44013f0e258f2518910b3eec8479929f4b99c791fcc1fe6b644a088f9b4
c51a648e2ed8b5c8afb53e873fb084c2340cc1475609b8d488ccbe23fbf36965
c5cfe6329a28119a02115058261d9103d3d94bb068133ff1fc574cca1b6f0656
c6c245138c94fa87e7b359e9e8c83f1a64dc1dca3339144325b75c50406b9b8a
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca22e2480ba845158c3c1c6c7bcfaaebb155268da322331463f5d241d6650e53
ca2f439044475623cccbd633eb80ef57b76d64b29f0eafc7a2ee92848c89d391
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cc6a8688eb53bddbca9b000f4a4222c0de33094034ee881417a7ad3e8339de13
cead727c7f108bb8a4644fa6eae433352dfb0ffeb1fe194840b6ca82c0b6e701
d0fbf06f675663f1ec793289e8eaa4dcc4eb791f90e6311ed809b506e88f3a3e
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d40154580101614f2c16eff8ed83ecf1b952f053a06b3eff2219b71b8322fe77
d45097277e5fe304c8a44d8ac42434b4adcd201287ae9f42e63dbedda9f41876
d5ac537d1d5d7371993121db7bef442036f65a71330b814110f2941ec8cffd76
d6e9c50238d011e9f8e8ab20d324428f5c03dc12061665b8bea3cfa699e8aee9
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
db563b3d40c4db0ed1cb2755410c913feb3c112f67cf774596edc56c91da1e9b
dc3bc858b071f656a2650f9399c3646b99b9ece4afa223bcaae86f762c512fdf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1c2c6b7b77b966dd42dbec5cda78e14595383a75aa465912cbd75c0e2dc569
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee759b9f669f3115afb49c4799ef9f7bf92741d5e04ef725511299f2608b7ff7
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f37f0d081e4853168ab6a3c677d87eb30311630d8f13df5f051cfb92218d25fb
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f4be46c005a086ac494c5dbfcb1e6d7df03a317c1663072fa7636bea837e0b40
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f6f55967165df6b0cfa08ab07c1893b1a6d0b5983e702c58fc9f9652dfc44f47
f7c2eb78ee1c7c5cc5791e0278689a313aa6e7d730100efa193b3594ac54f7b0
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
fa86037fc6bd9fa7a3c9b118bc6ffb7a63c0d70b163bb81531db1766a152621e
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fc633dffe1f314ee8d65257c7943c576e389f08cfaa4b1acdce3bef337e881bb
ff10040dc425d3a0b5b57d435aea695a9ac60f14fd6205bf68837df04978c3a0

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

314 Requests

96 %HTTPS

56 %IPv6

38 Domains

67 Subdomains

62 IPs

6 Countries

4434 kBTransfer

11537 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

96 %
HTTPS

56 %
IPv6

38
Domains

67
Subdomains

62
IPs

6
Countries

4434 kB
Transfer

11537 kB
Size

19
Cookies

314 HTTP transactions
13 data transactions