www.bookeventz.com Open in urlscan Pro
101.53.132.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Submission: On October 28 via manual (October 28th 2022, 12:05:38 pm UTC) from BG — Scanned from DE

Summary HTTP 184 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 26 domains to perform 184 HTTP transactions. The main IP is 101.53.132.55, located in India and belongs to E2E-NETWORKS-IN 282, Sector 19, IN. The main domain is www.bookeventz.com. The Cisco Umbrella rank of the primary domain is 787233.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 18th 2021. Valid for: a year.

This is the only time www.bookeventz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Suspicious — 2 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 53	101.53.132.55 101.53.132.55	132420 (E2E-NETWO...) (E2E-NETWORKS-IN 282)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.216.147.116 52.216.147.116	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:d000:3:f432:a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.15 13.32.27.15	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:206... 2600:9000:206f:5600:7:102f:640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:18::9	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	() ()
2	2606:4700::68... 2606:4700::6810:5914	() ()
184	36

53 101.53.132.55 (India) 1 redirects

ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN)
PTR: e2e-29-55.ssdcloudindia.net

www.bookeventz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.147.116 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

smatbot.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

shotsofdollars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d000:3:f432:a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.makestories.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-15.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5600:7:102f:640:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.bookeventz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:18::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (None, )

ASN- ()

code.responsivevoice.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	bookeventz.com 1 redirects www.bookeventz.com — Cisco Umbrella Rank: 787233 media.bookeventz.com	2 MB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	368 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	268 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 bid.g.doubleclick.net — Cisco Umbrella Rank: 499	126 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 translate.googleapis.com — Cisco Umbrella Rank: 815 imasdk.googleapis.com — Cisco Umbrella Rank: 417	210 KB
6	google.com 2 redirects translate.google.com — Cisco Umbrella Rank: 1215 adservice.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 2	28 KB
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 106	3 KB
4	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3719	60 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 910 r4---sn-4g5edndl.c.2mdn.net — Cisco Umbrella Rank: 364590	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	141 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9167 www.google.de — Cisco Umbrella Rank: 6364	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 616 script.hotjar.com — Cisco Umbrella Rank: 771 vars.hotjar.com — Cisco Umbrella Rank: 882	69 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	87 KB
2	amazonaws.com smatbot.s3.amazonaws.com	185 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 699	12 KB
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 383	17 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	26 KB
1	responsivevoice.org code.responsivevoice.org	23 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2111	258 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	333 B
1	makestories.io js.makestories.io — Cisco Umbrella Rank: 121104	9 KB
1	shotsofdollars.com shotsofdollars.com	7 KB
0	smatbot.com Failed www.smatbot.com Failed
0	cdninstagram.com Failed scontent-fra5-2.cdninstagram.com Failed
184	26

	Domain	Requested by
53	www.bookeventz.com	1 redirects www.bookeventz.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	www.bookeventz.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.gstatic.com	www.bookeventz.com translate.googleapis.com googleads.g.doubleclick.net
7	fonts.googleapis.com	www.bookeventz.com googleads.g.doubleclick.net smatbot.s3.amazonaws.com
4	www.facebook.com	2 redirects connect.facebook.net
4	static.addtoany.com	www.bookeventz.com static.addtoany.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects www.bookeventz.com
3	www.google-analytics.com	www.bookeventz.com www.google-analytics.com
2	cdn.jsdelivr.net	smatbot.s3.amazonaws.com
2	r4---sn-4g5edndl.c.2mdn.net	www.bookeventz.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	www.bookeventz.com connect.facebook.net
2	translate.googleapis.com
2	smatbot.s3.amazonaws.com	www.bookeventz.com smatbot.s3.amazonaws.com
2	maxcdn.bootstrapcdn.com	www.bookeventz.com
2	cdn.ampproject.org	www.bookeventz.com
2	cdnjs.cloudflare.com	www.bookeventz.com smatbot.s3.amazonaws.com
1	code.responsivevoice.org	smatbot.s3.amazonaws.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	vc.hotjar.io	script.hotjar.com
1	www.google.de	www.bookeventz.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	media.bookeventz.com	www.bookeventz.com
1	static.hotjar.com	www.bookeventz.com
1	js.makestories.io	www.bookeventz.com
1	translate.google.com	www.bookeventz.com
1	shotsofdollars.com	www.bookeventz.com
0	www.smatbot.com Failed	smatbot.s3.amazonaws.com
0	scontent-fra5-2.cdninstagram.com Failed	www.bookeventz.com
184	40

This site contains links to these domains. Also see Links.

Domain
weddingideas.bookeventz.com
birthdayideas.bookeventz.com
corporateeventideas.bookeventz.com
www.addtoany.com
www.amazon.in
www.instagram.com
www.facebook.com
translate.google.com
twitter.com
in.pinterest.com
plus.google.com
www.linkedin.com
www.youtube.com
jobs.bookeventz.com

Subject Issuer	Validity	Valid
*.bookeventz.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-18` - `2022-12-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
api.v2.makestories.io Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Frame ID: 223B9F58C190200C10B83EDB726194F6
Requests: 105 HTTP requests in this frame

Frame: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Frame ID: 8317A39CBF4E90A3691FA10BACA9BF58
Requests: 11 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 7E74F43B78A6B22BBB9345BFAF3FB652
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: B261534333E180D61D14E727973B222E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 60C50181A16BCA94C03C224C2BBD6671
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 5FEAB3686492B40C9AB55011654FBD7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=90&slotname=2437095843&adk=4025348117&adf=4164852396&pi=t.ma~as.2437095843&w=728&lmt=1666958732&format=728x90&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731963&bpp=5&bdt=1484&idt=193&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=3648785372291&frm=20&pv=2&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mSwIgNSHsO&p=https%3A//www.bookeventz.com&dtd=212
Frame ID: 1146861AB0B76AAB84646FD29C20286D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=1525412025&adf=89056384&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731968&bpp=2&bdt=1489&idt=242&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OdSp6cighe&p=https%3A//www.bookeventz.com&dtd=247
Frame ID: 7642EE4CA25FAAB4D813FB30ABA65DC6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7
Frame ID: 5704EAC23EC0CEDC09C977342BA05B57
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfc7ec65fb8439c%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D319%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315
Frame ID: 72F55B6730BC85FBF96027FA225D8C14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&adk=1812271804&adf=3025194257&lmt=1666958732&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731988&bpp=2&bdt=1509&idt=347&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280%2C791x280&nras=1&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=352
Frame ID: 9EDE4BCEE16ADB0737136B28BB013FB6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a0c81c4199f44%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D0%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315
Frame ID: 96358256941164494BB98EF278B6CA95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E91DFF5C3905BD408C97A84CCEDA8250
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: E275DBCBABB75D6F5608C166AA3470FE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A995B196202B4B6DDB65FA3DCBF7D9D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 5D09E349C2354C24137974497BCA48B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E8346DB73E4DF5C6B6F55B3B91FF2A7F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Birthday Wishes for Manager and Boss in the Office

Page URL History Show full URLs

https://www.bookeventz.com/blog/birthday-wishes-for-manager HTTP 301
https://www.bookeventz.com/blog/birthday-wishes-for-manager/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

184
Requests

91 %
HTTPS

80 %
IPv6

26
Domains

40
Subdomains

36
IPs

4
Countries

3299 kB
Transfer

9877 kB
Size

14
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://weddingideas.bookeventz.com/
Title: Wedding

Search URL Search Domain Scan URL

URL: https://birthdayideas.bookeventz.com/
Title: Birthday Party

Search URL Search Domain Scan URL

URL: https://corporateeventideas.bookeventz.com/
Title: Corporate Party

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&title=Best%20Birthday%20Wishes%20for%20Manager%20and%20Boss%20%3A%20Simple%20Messages!
Title: Share

Search URL Search Domain Scan URL

URL: https://www.amazon.in/s?k=birthday&linkCode=ll2&tag=bookeventz-21&linkId=07969f0344dd2c34a741ac938d7c82a8&ref_=as_li_ss_tl
Title: birthday

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bookeventz
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BookEventz
Title: Facebook

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://www.instagram.com//

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CY0kqXSlvvt/
Title: #Mondayblues💙 : Saree is a gateway to slide int

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYtfbowJqK3/
Title: A daughter may outgrow your lap, but will never ou

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYoU-KBp44c/
Title: Pre-wedding festivities writes @patralekhaa as she

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYiiTsQrHd_/
Title: All of my smiles start with you❤ @vickykaushal09

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYdtu8YLXrz/
Title: #Fashionfaceoff : Black is bountiful. White is wit

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYZNOnOJuir/
Title: Rocking the ethnicity!! @tarasutaria giving the pr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYUEDWiltlw/
Title: The true beauty of the bride lies in the henna in

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYO31ghJSMi/
Title: Bridesmaids bring out the best in the bride on the

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CYMU_BDJn7v/
Title: Two beautiful hearts joining together with a promi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BookEventz/

Search URL Search Domain Scan URL

URL: https://twitter.com/BookEventz

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bookeventz/

Search URL Search Domain Scan URL

URL: http://in.pinterest.com/bookeventz/

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Bookeventz

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bookeventz

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/UrbanRestro

Search URL Search Domain Scan URL

URL: https://jobs.bookeventz.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=/bookeventz/

Search URL Search Domain Scan URL

URL: https://in.pinterest.com/bookeventz/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bookeventz.com/blog/birthday-wishes-for-manager HTTP 301
https://www.bookeventz.com/blog/birthday-wishes-for-manager/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.instagram.com/p/CY0kqXSlvvt/media?size=t HTTP 301
https://www.instagram.com/p/CY0kqXSlvvt/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271970450_621613332393408_2433793189459319696_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=100&_nc_ohc=eDyNkf7SP8IAX_mjCBH&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfARNn92n-WboKRHTjQKRgMOBZ57OXdarL6BGH4b1Evqew&oe=63616C28&_nc_sid=5eceaa

Request Chain 80

https://www.instagram.com/p/CYtfbowJqK3/media?size=t HTTP 301
https://www.instagram.com/p/CYtfbowJqK3/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271963571_1026533791260906_3805749381073109835_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=106&_nc_ohc=5FcQmLRAVgoAX9Yr8uI&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCe8SXh0ZW1DAjO3NiqcPYprlFwqpWJX6SSouCW6ElmDQ&oe=63603EBD&_nc_sid=5eceaa

Request Chain 81

https://www.instagram.com/p/CYoU-KBp44c/media?size=t HTTP 301
https://www.instagram.com/p/CYoU-KBp44c/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271531002_909609713261240_6523210628247731319_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=PppCWzhGj2IAX_22au_&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAdOTKaJplBH8bRpTpHXEtRGf2xV42YkCnfqSmtd2RBEQ&oe=636198A1&_nc_sid=5eceaa

Request Chain 82

https://www.instagram.com/p/CYiiTsQrHd_/media?size=t HTTP 301
https://www.instagram.com/p/CYiiTsQrHd_/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271518268_312601874124669_6042887061965316253_n.webp?stp=c0.135.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=eSP4Cj7vl9gAX8teji9&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAF0xrB_ftpmyhrvlDFj7s38C1j1m8vLseNToKVJIatWQ&oe=636077FF&_nc_sid=5eceaa

Request Chain 83

https://www.instagram.com/p/CYdtu8YLXrz/media?size=t HTTP 301
https://www.instagram.com/p/CYdtu8YLXrz/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271463050_136077375528076_5657130121486879308_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=104&_nc_ohc=3ElF2iulysIAX8-m1um&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBqzYZeN-v_mVjdsGuVeWmNvEPK_CNEMfrIowdPyVdjag&oe=6361933F&_nc_sid=5eceaa

Request Chain 84

https://www.instagram.com/p/CYZNOnOJuir/media?size=t HTTP 301
https://www.instagram.com/p/CYZNOnOJuir/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271322632_1009446273247591_5765830894686096540_n.webp?stp=c0.128.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=107&_nc_ohc=_vsBBgBc-poAX-5vQRR&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfChNADAQ27bJI8mHQ0_OsjfrridG3GlJPEbdxhNOjWr7g&oe=6360A0FE&_nc_sid=5eceaa

Request Chain 85

https://www.instagram.com/p/CYUEDWiltlw/media?size=t HTTP 301
https://www.instagram.com/p/CYUEDWiltlw/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271491368_4782988085122232_6692049023402504924_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=9a_85z-rKMUAX8WSDt0&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCO1MNhnbn2et57x6EVxzo3LrSF1iBKv-NHbG1DESGxQw&oe=6360A3C4&_nc_sid=5eceaa

Request Chain 86

https://www.instagram.com/p/CYO31ghJSMi/media?size=t HTTP 301
https://www.instagram.com/p/CYO31ghJSMi/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271202556_427242519135729_5881921219207687288_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=QPGTYBHkG0IAX-eBofg&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfA7PkCEzo6g-V-qkRhMu_5oIuODm-cLU51vC-8sAArF2w&oe=6360B0F1&_nc_sid=5eceaa

Request Chain 87

https://www.instagram.com/p/CYMU_BDJn7v/media?size=t HTTP 301
https://www.instagram.com/p/CYMU_BDJn7v/media/?size=t HTTP 302
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271261463_139326905186265_6319329532640984041_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=W2JPQSTIoCkAX8qrauf&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBuWcONY-O96p0c9GM_bCXmNgk3O0mjKJf-wdOAt_S3iw&oe=6360458D&_nc_sid=5eceaa

Request Chain 88

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=304094696374352&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc7ec65fb8439c%26domain%3Dwww.bookeventz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bookeventz.com%252Ff17c583d919c83%26relation%3Dparent.parent&container_width=319&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FBookEventz&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=315 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfc7ec65fb8439c%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D319%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315

Request Chain 91

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=304094696374352&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a0c81c4199f44%26domain%3Dwww.bookeventz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bookeventz.com%252Ff17c583d919c83%26relation%3Dparent.parent&container_width=0&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FBookEventz&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=315 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a0c81c4199f44%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D0%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://gcdn.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5195F1756C96AFA16DA4D43080E012A06E90E208.2CAFC2B0AA260B8802FC5E5A62C7172932EEE431/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E53D7A4B6E97F370C73ABBA5CC1B4F7B1DA093.079C84B04290EBEC55EC0DB8ABBF15EBD9799472/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666958467/mv/m/mvi/4/pl/49/file/file.mp4

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

184 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bookeventz.com/blog/birthday-wishes-for-manager/
Redirect Chain

https://www.bookeventz.com/blog/birthday-wishes-for-manager
https://www.bookeventz.com/blog/birthday-wishes-for-manager/

1 MB
117 KB

4350ms
4350ms

Document
text/html

101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 9cef62b5bd8de97cc361d574bd2cf3e15554075f5bd78c38973b94ebfa2d3236

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 12:05:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT 0
Keep-Alive: timeout=10, max=999
Link: <https://www.bookeventz.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.bookeventz.com/blog/wp-json/wp/v2/posts/8913>; rel="alternate"; type="application/json", <https://www.bookeventz.com/blog/?p=8913>; rel=shortlink
Pragma: no-cache no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 12:05:23 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT 0
Keep-Alive: timeout=10, max=1000
Location: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Pragma: no-cache no-cache
Server: Apache
X-Redirect-By: WordPress

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/ 34 KB
9 KB 97ms
59ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/fingerprint2.min.js

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3342223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9015
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-8648"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76138a421dfd6964-FRA
expires: Wed, 18 Oct 2023 12:05:30 GMT

GET
H/1.1 200
OK gtranslate-style24.css
www.bookeventz.com/blog/wp-content/plugins/gtranslate/ 693 B
723 B 432ms
144ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:44:03 GMT
Server: Apache
ETag: "2b5-5e294ab788c8b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 299
Expires: 0

GET
H/1.1 200
OK sb-instagram-2-2.min.css
www.bookeventz.com/blog/wp-content/plugins/instagram-feed/css/ 16 KB
3 KB 441ms
147ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/instagram-feed/css/sb-instagram-2-2.min.css?ver=2.4.3
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:46:18 GMT
Server: Apache
ETag: "41cd-5e294b37eda0b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 2850
Expires: 0

GET
H/1.1 200
OK style.min.css
www.bookeventz.com/blog/wp-includes/css/dist/block-library/ 50 KB
8 KB 442ms
148ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:25 GMT
Server: Apache
ETag: "c88a-5e293878d4ec9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 7849
Expires: 0

GET
H/1.1 200
OK front_end_style.css
www.bookeventz.com/blog/wp-content/plugins/captcha/css/ 2 KB
1 KB 450ms
150ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/captcha/css/front_end_style.css?ver=4.3.0
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: f08cd89f44f9d3a9b9ff46ac50838fad579411f0d775c2a49de2da0ab0d192af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:42:32 GMT
Server: Apache
ETag: "70e-5e294a60bc8e9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 709
Expires: 0

GET
H/1.1 200
OK dashicons.min.css
www.bookeventz.com/blog/wp-includes/css/ 58 KB
35 KB 480ms
152ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/css/dashicons.min.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:26 GMT
Server: Apache
ETag: "e682-5e293879a6e90-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 35726
Expires: 0

GET
H/1.1 200
OK desktop_style.css
www.bookeventz.com/blog/wp-content/plugins/captcha/css/ 2 KB
833 B 500ms
145ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/captcha/css/desktop_style.css?ver=4.3.0
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 84c8c596f2ab6d1a4c04c1b22bf92cf51d05ce97fe2a9f7dfd97d43f99344b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:42:32 GMT
Server: Apache
ETag: "6d3-5e294a60acee2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 410
Expires: 0

GET
H/1.1 200
OK thumbs-grid.min.css
www.bookeventz.com/blog/wp-content/plugins/contextual-related-posts/css/ 2 KB
1009 B 576ms
144ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/contextual-related-posts/css/thumbs-grid.min.css?ver=3.2.3
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 7f1d14638b89c3a49a37de5d97c8e1b186beaac96134e515981a83b159c527e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 07:26:37 GMT
Server: Apache
ETag: "735-5e39696bda3e3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=999
Content-Length: 586
Expires: 0

GET
H/1.1 200
OK email-subscribers-public.css
www.bookeventz.com/blog/wp-content/plugins/email-subscribers/lite/public/css/ 2 KB
1 KB 588ms
147ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.3.10
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:45:41 GMT
Server: Apache
ETag: "85d-5e294b153bcb7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=999
Content-Length: 769
Expires: 0

GET
H/1.1 200
OK ms-style.css
www.bookeventz.com/blog/wp-content/plugins/makestories-helper/assets/css/ 13 KB
3 KB 600ms
150ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/makestories-helper/assets/css/ms-style.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: f38926e592669f34623b14f4900e7c3c5b01b87b4a33127adb73a83aad4117a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 12:32:21 GMT
Server: Apache
ETag: "34cd-5e4b47df074df-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=999
Content-Length: 2588
Expires: 0

GET
H/1.1 200
OK slick-theme.css
www.bookeventz.com/blog/wp-content/plugins/makestories-helper/vendor/slick/ 3 KB
1 KB 605ms
152ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/makestories-helper/vendor/slick/slick-theme.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 12:32:21 GMT
Server: Apache
ETag: "c49-5e4b47df074df-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=999
Content-Length: 866
Expires: 0

GET
H/1.1 200
OK slick.css
www.bookeventz.com/blog/wp-content/plugins/makestories-helper/vendor/slick/ 2 KB
992 B 646ms
145ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/makestories-helper/vendor/slick/slick.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 12:32:21 GMT
Server: Apache
ETag: "6f0-5e4b47df0653f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 569
Expires: 0

GET
H2 200 amp-story-player-v0.css
cdn.ampproject.org/ 1 KB
2 KB 93ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-story-player-v0.css?ver=5.6.2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 12:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 433
x-xss-protection: 0
server: sffe
etag: "12fe0f140aecbdd5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Oct 2022 12:05:30 GMT

GET
H/1.1 200
OK display-opinions-light.css
www.bookeventz.com/blog/wp-content/plugins/ninja-forms/assets/css/ 44 KB
7 KB 722ms
145ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 3f5ab26f1b91b1a610d792c54a9545194a8651e6b6e6dfd9e440dd5d75c2c966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:42:19 GMT
Server: Apache
ETag: "ae8b-5e294a54352b3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 6631
Expires: 0

GET
H/1.1 200
OK font-awesome.min.css
www.bookeventz.com/blog/wp-content/plugins/ninja-forms/assets/css/ 27 KB
7 KB 754ms
165ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:42:18 GMT
Server: Apache
ETag: "6b4a-5e294a53a6932-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 6243
Expires: 0

GET
H/1.1 200
OK display-structure.css
www.bookeventz.com/blog/wp-content/plugins/ninja-forms-style/layouts/assets/css/ 2 KB
834 B 750ms
150ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/ninja-forms-style/layouts/assets/css/display-structure.css?ver=3.0.25
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:41:16 GMT
Server: Apache
ETag: "619-5e294a185b25b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 411
Expires: 0

GET
H/1.1 200
OK theme.css
www.bookeventz.com/blog/wp-content/plugins/popup-builder/public/css/ 68 KB
11 KB 754ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/popup-builder/public/css/theme.css?ver=3.67
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: b630a6f49a2c8d0aca4262527f246c3541c7b4fbe66ebe0920510a46070a509c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:41:24 GMT
Server: Apache
ETag: "11064-5e294a2079812-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 11080
Expires: 0

GET
H/1.1 200
OK saswp-style.min.css
www.bookeventz.com/blog/wp-content/plugins/schema-and-structured-data-for-wp/admin_section/css/ 7 KB
2 KB 795ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/schema-and-structured-data-for-wp/admin_section/css/saswp-style.min.css?ver=1.9.78
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 2355efb2fdd679b4a884e5585161553a017ee969c6e926352ad7cc661bec16aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:42:39 GMT
Server: Apache
ETag: "1c05-5e294a67eba0f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Content-Length: 2125
Expires: 0

GET
H/1.1 200
OK style.css
www.bookeventz.com/blog/wp-content/themes/worldstar/ 56 KB
11 KB 821ms
150ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/themes/worldstar/style.css?ver=1.2.3
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: d97628fe4c4c653f8374a1cc680c653bdf9b9de221c932a949c7c8da813fd233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:47:56 GMT
Server: Apache
ETag: "de45-5e294b95f1af0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=999
Content-Length: 10489
Expires: 0

GET
H/1.1 200
OK genericons.css
www.bookeventz.com/blog/wp-content/themes/worldstar/css/genericons/ 28 KB
16 KB 873ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/themes/worldstar/css/genericons/genericons.css?ver=3.4.1
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: a767d7e7af88326afb37242f2828280a2c930945cb94b636b1f05a0afb634621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:47:55 GMT
Server: Apache
ETag: "6f71-5e294b94bf027-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 16468
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 70ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7COswald%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bbee51521d23babf9c66be31190c688694994192e387384e1b1717515a1e69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 12:05:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:30 GMT

GET
H/1.1 200
OK themezee-related-posts.css
www.bookeventz.com/blog/wp-content/themes/worldstar/css/ 5 KB
1 KB 899ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/themes/worldstar/css/themezee-related-posts.css?ver=20160421
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: ef9b9cc8f092102d961d332a8b63553ecf7bbfc65d4a3776eda5e1a67e62976c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:47:55 GMT
Server: Apache
ETag: "1345-5e294b94c7ccb-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 879
Expires: 0

GET
H/1.1 200
OK style.css
www.bookeventz.com/blog/wp-content/plugins/newsletter/ 6 KB
2 KB 903ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/newsletter/style.css?ver=7.4.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:45:57 GMT
Server: Apache
ETag: "188a-5e294b245a561-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 1198
Expires: 0

GET
H/1.1 200
OK addtoany.min.css
www.bookeventz.com/blog/wp-content/plugins/add-to-any/ 1 KB
910 B 927ms
146ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:41:12 GMT
Server: Apache
ETag: "5ef-5e294a1416407-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 487
Expires: 0

GET
H/1.1 200
OK buttonizer.css
www.bookeventz.com/blog/wp-content/plugins/buttonizer-multifunctional-button/css/ 19 KB
3 KB 940ms
144ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/buttonizer-multifunctional-button/css/buttonizer.css?v=d67a6c0a4f789c232eb39d18f38c61bf&ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 579e8c01bcc33828befd2b2aae7c1a133c88fd812429a8b149d6aba5a66a08eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:39:18 GMT
Server: Apache
ETag: "4d72-5e2949a75e07a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=995
Content-Length: 2285
Expires: 0

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 69ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.6.2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 20913516
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 74650a6817a456c7f0af3754eeb48518
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76138a41eefb9a03-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK wp-about-author.css
www.bookeventz.com/blog/wp-content/plugins/wp-about-author/ 1 KB
793 B 984ms
149ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/wp-about-author/wp-about-author.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: e868025497d76bd96caefdeebda2a813be57b5f6703519019f5ef645d4f220a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:46:21 GMT
Server: Apache
ETag: "47d-5e294b3b31a82-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=998
Content-Length: 370
Expires: 0

GET
H/1.1 200
OK jquery.min.js Show response
www.bookeventz.com/blog/wp-includes/js/jquery/ 87 KB
31 KB 1053ms
154ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:53 GMT
Server: Apache
ETag: "15d98-5e29389360a98-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Content-Length: 30916
Expires: 0

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 115ms
59ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1a662152c1b181faee3414c71763cfa9108a0bc2c3e0a88e3814c4f9d71e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:31 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 79167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 06:16:16 GMT
server: cloudflare
etag: W/"bb9-5eb5d2575a6c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 76138a494e27996c-FRA

GET
H2 200 amp-story-player-v0.js Show response
cdn.ampproject.org/ 52 KB
16 KB 92ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-story-player-v0.js?ver=5.6.2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4591bde8d31f849f03b74b907c4857b7261a431515844b752fa560a3993bdf6b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 12:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16091
x-xss-protection: 0
server: sffe
etag: "5888e3b22cfe701b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Oct 2022 12:05:30 GMT

GET
H/1.1 200
OK smatbot_plugin.js.gz Show response
smatbot.s3.amazonaws.com/files/ 2 MB
166 KB 376ms
137ms Script
application/javascript 52.216.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.116 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ecad2fb49f3cbc7c45901b67c81da89c12c107b86818365ed0bc74792c3ce0eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 12:05:32 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Oct 2022 08:38:10 GMT
Server: AmazonS3
x-amz-request-id: Z40PAK3KBQVHZTE0
ETag: "bf543afd44e757d4700bebcb77a45432"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 170039
x-amz-id-2: VjGEq1vCepyTI4977xQ3czeAN8oj/SvJzmBkhSfpKoZV/11afWGrronnxfbQeORVZEMmvBQCX5Q=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
16ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2977
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 13:15:54 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.bookeventz.com/blog/wp-includes/js/ 14 KB
5 KB 152ms
149ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:51 GMT
Server: Apache
ETag: "3795-5e293891717c5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=997
Content-Length: 4662
Expires: 0

GET
H2 200 secureads.js Show response
shotsofdollars.com/ads/tagc/ 120 KB
7 KB 236ms
135ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shotsofdollars.com/ads/tagc/secureads.js
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e723af1b6c5ea3c585ee1c49bc9985c2b4c7d43211940b3d823fcb6a6532ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cdn-cache-status: MISS
x-via: FRA1
x-origin-cache-status: MISS
x-provided-by: StackCDN
last-modified: Wed, 28 Apr 2021 11:11:11 GMT
server: cloudflare
etag: W/"1e147-5c1066fad5ebf"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZKPyqgbavQ0oHoDFtS0jLjhs7mWwAQMRqiVZm3pLXBjYY%2FOY9HCR57wBUVuExVKoUuwXEFQT4r6x11Cqgv1SnjiAG%2BN4dtU41RoaM59K95XI5ey2r2zB2zJjOZNQsg9Qbk4oakXh3TBeTltlysXgTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 76138a49beb492b9-FRA
expires: Fri, 28 Oct 2022 12:05:31 GMT

GET
H/1.1 200
OK cropped-BookeventzLogoDesktop.png
www.bookeventz.com/blog/wp-content/uploads/2019/06/ 3 KB
3 KB 149ms
146ms Image
image/png 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2019/06/cropped-BookeventzLogoDesktop.png
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 39fbe7f02d24722dd2f7ed384e9f954363a87b65695d0193dd34c7209ab82921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 11:30:41 GMT
Server: Apache
ETag: "bdb-5e2947ba8808a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=994
Content-Length: 3035
Expires: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 125ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b375eea3647816bcb8697ddc8e615eb421ef018e8445d0cee8b9e9a41e27089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55602
x-xss-protection: 0
server: cafe
etag: 13936688159745380248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:05:31 GMT

GET
H/1.1 200
OK pp-1-150x150.jpg
www.bookeventz.com/blog/wp-content/uploads/2018/12/ 4 KB
5 KB 151ms
148ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2018/12/pp-1-150x150.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 8ee57ff2f42814983b5624caebb138f6c7f51ab9b17ebaf206009cddd76559c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 10:36:04 GMT
Server: Apache
ETag: "10ef-5e293b8556f7b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Content-Length: 4335
Expires: 0

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 72ms
33ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e26826be1d90b66dc48a6213206948035c71e01ae563f865832cdd21c0e22b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK placeholder.png
www.bookeventz.com/blog/wp-content/plugins/instagram-feed/img/ 176 B
547 B 146ms
144ms Image
image/png 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 11:46:19 GMT
Server: Apache
ETag: "b0-5e294b398ac24"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Content-Length: 176
Expires: 0

GET
H2 200 StoryPlayer.js Show response
js.makestories.io/player/ 42 KB
9 KB 86ms
22ms Script
application/javascript 2600:9000:214f:d000:3:f432:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.makestories.io/player/StoryPlayer.js?ver=5.6.2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:d000:3:f432:a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

477c286e95aea65947da0d7f48056c54a2020ccb7ed78d404eaf5300eef9d3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:53:07 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 744
x-cache: Hit from cloudfront
last-modified: Fri, 16 Sep 2022 14:10:40 GMT
server: nginx
etag: W/"632483e0-a80f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: KDW0Wa3Vf_o3-yAJAx--phymuk4HGE4KFYL67t7Q3aoq9CxgDk2-iA==
expires: Sun, 27 Nov 2022 11:53:07 GMT

GET
H/1.1 200
OK autoptimize_487146e920ce819bda4fa4bae983f6c6.js Show response
www.bookeventz.com/blog/wp-content/cache/autoptimize/js/ 410 KB
100 KB 159ms
157ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/cache/autoptimize/js/autoptimize_487146e920ce819bda4fa4bae983f6c6.js
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: c7965c0b9e50611209d013c6bca6015aef767673eba8d19d3fb4649af412c491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2022 11:27:44 GMT
Server: Apache
ETag: "667db-5eaac72cc5208-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Expires: 0

GET
H2 200 hotjar-2398904.js Show response
static.hotjar.com/c/ 4 KB
2 KB 86ms
49ms Script
application/javascript 13.32.27.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2398904.js?sv=5

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-15.fra56.r.cloudfront.net

Software

Resource Hash

40ffed0b81d6867b465d1e47c06325b9abe4ea65a66007ebc8bdb14a0ff2ea1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/78acf61349eccf0da54911c6df37f296
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: CPOKAXgjcWa1JcPcUSgQQ7F430tb_ouYjvnd0VJL-WycwYluRnKcQA==

GET
H/1.1 200
OK hit Show response
www.bookeventz.com/blog/wp-json/wp-statistics/v2/ 66 B
831 B 4327ms
4327ms XHR
application/json 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bookeventz.com/blog/wp-json/wp-statistics/v2/hit?_=1666958728&_wpnonce=6d6a56d15c&wp_statistics_hit_rest=yes&browser=Chrome&platform=Windows&version=10.0&referred=https%3A%2F%2Fwww.bookeventz.com%2Fblog&ip=146.70.117.69&exclusion_match=no&exclusion_reason&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.87+Safari%2F537.36&track_all=1&timestamp=1666978529&current_page_type=post&current_page_id=8913&search_query&page_uri=/birthday-wishes-for-manager/&user_id=0

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),

Reverse DNS

e2e-29-55.ssdcloudindia.net

Software

Apache /

Resource Hash

b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Date: Fri, 28 Oct 2022 12:05:31 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Pragma: no-cache, no-cache
Server: Apache
Allow: GET
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Cache-Control: no-cache, no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
X-WP-Nonce: 6d6a56d15c
Keep-Alive: timeout=10, max=995
Link: <https://www.bookeventz.com/blog/wp-json/>; rel="https://api.w.org/"
Expires: Thu, 19 Nov 1981 08:52:00 GMT, 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7COswald%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 321297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:34 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 58ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7COswald%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:06:12 GMT
x-content-type-options: nosniff
age: 313159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 21:06:12 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK cover.gif
www.bookeventz.com/blog/wp-content/uploads/2018/07/ 267 KB
268 KB 201ms
145ms Image
image/gif 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2018/07/cover.gif
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: bd1b3d960f1da4af00a2424d95f6871d1b6676dab2b6004ead2cee27a0c57124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 10:38:11 GMT
Server: Apache
ETag: "42cd5-5e293bfed3170"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=993
Content-Length: 273621
Expires: 0

GET
H/1.1 200
OK / Show response
www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/ Frame 8317 21 KB
7 KB 5861ms
5750ms Document
text/html 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 415b70d674f60d389736ee0f758cba21ff89d82840ced2ce6733fd7776e98474

Request headers

Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6511
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 12:05:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT 0
Keep-Alive: timeout=10, max=995
Link: <https://www.bookeventz.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.bookeventz.com/blog/wp-json/wp/v2/posts/11923>; rel="alternate"; type="application/json", <https://www.bookeventz.com/blog/?p=11923>; rel=shortlink
Pragma: no-cache no-cache
Server: Apache
Vary: Accept-Encoding
X-WP-embed: true

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 67ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:34:12 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 207 KB
74 KB 68ms
16ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75091
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:21:07 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7COswald%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:54:08 GMT
x-content-type-options: nosniff
age: 321083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:54:08 GMT

GET
H/1.1 200
OK 4-1.gif
www.bookeventz.com/blog/wp-content/uploads/2018/07/ 190 KB
190 KB 149ms
147ms Image
image/gif 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2018/07/4-1.gif
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 39e27a5c506551c52d9ef0ae795c5b8a02b67bb93c15024c0ba68e06080f4034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 10:38:08 GMT
Server: Apache
ETag: "2f65b-5e293bfb90097"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=995
Content-Length: 194139
Expires: 0

GET
H/1.1 200
OK Untitled-6.gif
www.bookeventz.com/blog/wp-content/uploads/2018/07/ 2 KB
3 KB 152ms
149ms Image
image/gif 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2018/07/Untitled-6.gif
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 3a8fe06ffda5b02b2b3c91fa5a64375c6d563c06439a62805d918e3f95bee681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:31 GMT
Last-Modified: Wed, 29 Jun 2022 10:37:49 GMT
Server: Apache
ETag: "94e-5e293bea0e18a"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=996
Content-Length: 2382
Expires: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 53ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8910962519f383d99626824fa2786320aee3e9048ef32e571d13f5e62a9e704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 12:05:31 GMT
content-md5: b5AxO9yCS2dyQ9fLZxVueA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 7+lSTVZtnL/LQMcbBwxg9gSjgjNg+ATNFVU/iLJIRKEh1dSfUy5ViVjEqEayT/sUWkIahXrk85VQFGMBNYdmCA==
x-fb-trip-id: 686109401
x-fb-content-md5: ee2586c785c8cd4be272641863a235a6
cross-origin-opener-policy: same-origin-allow-popups
etag: "f2bb8c9eefa8a844871ed798c19edd0e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:17:37 GMT

GET
H/1.1 200
OK loading.gif
www.bookeventz.com/blog/wp-content/plugins/mailster/assets/img/ 4 KB
4 KB 285ms
151ms Image
image/gif 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/mailster/assets/img/loading.gif
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 189d13d13190e962ee77c41a05836e977ef88368c24c70bf592b27f38094e530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 11:44:24 GMT
Server: Apache
ETag: "1042-5e294acb56ad8"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=995
Content-Length: 4162
Expires: 0

GET
H2 200 footerDesktop-sprite-min.png
media.bookeventz.com/html/bookeventz.com/asset/images/ 3 KB
4 KB 734ms
657ms Image
image/png 2600:9000:206f:5600:7:102f:640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bookeventz.com/html/bookeventz.com/asset/images/footerDesktop-sprite-min.png
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5600:7:102f:640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbf65aabab02c2961fd9fd2afa17c0e1875d606b0a723f25d1d9230b6b84345f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 08:09:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "c1378b281ef85361e62a21fbe5216deb"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=604800
content-disposition: attachment
accept-ranges: bytes
content-length: 3356
x-amz-cf-id: m7KzUokP1cxOyndnibbo6ai6Pk_4CQAAdlNWaZIlgbcQdPNgugw2eQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 23ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007154411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&ul=en-us&de=UTF-8&dt=Best%20Birthday%20Wishes%20for%20Manager%20and%20Boss%20in%20the%20Office&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1469756196&gjid=1373261684&cid=1044521489.1666958732&tid=UA-39073605-1&_gid=2005643133.1666958732&_r=1&_slc=1&z=1704113001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bookeventz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bookeventz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 15ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1007154411&t=pageview&_s=2&dl=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&ul=en-us&de=UTF-8&dt=Best%20Birthday%20Wishes%20for%20Manager%20and%20Boss%20in%20the%20Office&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1044521489.1666958732&tid=UA-39073605-1&_gid=2005643133.1666958732&z=1563565780

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 15:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74030
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 core.ad902dd1.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 80ms
58ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.ad902dd1.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36881e576619c157397e1004d906a7f4254bdcc145c068fa6f795c84af665d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bookeventz.com/
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 168210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 06:16:14 GMT
server: cloudflare
etag: W/"11786-5eb5d25506b88"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 76138a4ada129a1d-FRA

GET
H2 200 icons.31.svg.js Show response
static.addtoany.com/menu/svg/ 76 KB
32 KB 63ms
63ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.31.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d102c69c2e02cfd878d735d72dced6641b41c8a80f8570e9ceae04e556dfa56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:31 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 798390
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 21:26:00 GMT
server: cloudflare
etag: W/"130d9-5eb55bd13de3f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 76138a4ab918996c-FRA

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 7E74 741 B
552 B 50ms
50ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1342687
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 76138a4ab919996c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Oct 2022 12:05:31 GMT
etag: W/"2e5-5cc9e128a4c38"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5e6aeecd9694bae52b669858694e803b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e095005712ab27c28714a52fe9df44ece49717071814bf9961c6f345259aab1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bookeventz.com/
Origin: https://www.bookeventz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 12:05:31 GMT
content-md5: atvKT0szWZCBBlwp/XqNDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86914
x-fb-rlafr: 0
x-fb-debug: lv1VTlJE5BtVugLRwsoTfUZNbwgdbQoreZc4ZfmyNrlHJcb164F4M83BLDTn54Uk/JGpu+fD2XlE3QxlGbNSfw==
x-fb-content-md5: ed42be42ec045a2164a8c2f86bace58d
cross-origin-opener-policy: same-origin-allow-popups
etag: "88b082017d0996b14f54ee5e880ab706"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Oct 2023 09:42:08 GMT

GET
H2 200 modules.5a17f10e21dd3fd3b841.js Show response
script.hotjar.com/ 254 KB
65 KB 52ms
17ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2398904.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 174445
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66091
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
etag: "f784e2f70f455f7e613fcb9f757607c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uNEaZiDpUVYHQ74pRVw8qp4PHNV5uUZGjagdXLXCRbMLCwYm6B63_w==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 353 KB
116 KB 86ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2606855401085191&plah=www.bookeventz.com&bust=31070539

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0389f6d00d0ec5ac3a38698ca94915a7b37c6ed70a9d271e823e55bd71bd8ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118769
x-xss-protection: 0
server: cafe
etag: 513544094392477322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:05:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame B261 10 KB
5 KB 55ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:30:24 GMT
etag: 9671129459699598864
expires: Fri, 11 Nov 2022 07:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated Show response
/ Frame 60C5 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 56ms
16ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:22:58 GMT
x-content-type-options: nosniff
age: 6154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Oct 2023 10:22:58 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 57ms
16ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 10:47:09 GMT
x-content-type-options: nosniff
age: 177503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 10:47:09 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 54ms
17ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:54:33 GMT
x-content-type-options: nosniff
age: 659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Oct 2023 11:54:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 118ms
37ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39073605-1&cid=1044521489.1666958732&jid=1469756196&gjid=1373261684&_gid=2005643133.1666958732&_u=IEBAAEAAAAAAACAAI~&z=1197040002

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bookeventz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 12:05:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bookeventz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame 5FEA 2 KB
1 KB 60ms
16ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2398904.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 874406
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-id: MPvd5VGa5GvPeiipYtI1N2RXY8wjc_9khDEHFNSM0tTIX-UNw_u-yw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
333 B 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bookeventz.com&callback=_gfp_s_&client=ca-pub-2606855401085191&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2606855401085191&plah=www.bookeventz.com&bust=31070539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fca745d3f4b436a8d0844e039eee0a3190011a0ff93b6419e130f29b2f3a2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bookeventz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 64ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bookeventz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1146 74 KB
21 KB 537ms
504ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=90&slotname=2437095843&adk=4025348117&adf=4164852396&pi=t.ma~as.2437095843&w=728&lmt=1666958732&format=728x90&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731963&bpp=5&bdt=1484&idt=193&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=3648785372291&frm=20&pv=2&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mSwIgNSHsO&p=https%3A//www.bookeventz.com&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f909af42032398f0f6272959b4f363b75bbfb38161ae35cb86bc5c4dcf70c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21977
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:32 GMT
expires: Fri, 28 Oct 2022 12:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7642 68 KB
21 KB 720ms
719ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=1525412025&adf=89056384&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731968&bpp=2&bdt=1489&idt=242&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OdSp6cighe&p=https%3A//www.bookeventz.com&dtd=247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97f7a08ce062e83df992f9ea9c8686c711eb3e0e3160798f6ab81231f88ff28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21867
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:32 GMT
expires: Fri, 28 Oct 2022 12:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 84ms
44ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-39073605-1&cid=1044521489.1666958732&jid=1469756196&_u=IEBAAEAAAAAAACAAI~&z=1100604334

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 83ms
43ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-39073605-1&cid=1044521489.1666958732&jid=1469756196&_u=IEBAAEAAAAAAACAAI~&z=1100604334

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5704 84 KB
30 KB 811ms
810ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b653c66a6b9701e27217c549d9678ac219586835a98dca11c195311f3655e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:33 GMT
expires: Fri, 28 Oct 2022 12:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

271970450_621613332393408_2433793189459319696_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CY0kqXSlvvt/media?size=t
https://www.instagram.com/p/CY0kqXSlvvt/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271970450_621613332393408_2433793189459319696_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=100&_nc_ohc=eDyN...

0
0

GET

271963571_1026533791260906_3805749381073109835_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYtfbowJqK3/media?size=t
https://www.instagram.com/p/CYtfbowJqK3/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271963571_1026533791260906_3805749381073109835_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=106&_nc_ohc=5Fc...

0
0

GET

271531002_909609713261240_6523210628247731319_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYoU-KBp44c/media?size=t
https://www.instagram.com/p/CYoU-KBp44c/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271531002_909609713261240_6523210628247731319_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=PppC...

0
0

GET

271518268_312601874124669_6042887061965316253_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYiiTsQrHd_/media?size=t
https://www.instagram.com/p/CYiiTsQrHd_/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271518268_312601874124669_6042887061965316253_n.webp?stp=c0.135.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_ca...

0
0

GET

271463050_136077375528076_5657130121486879308_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYdtu8YLXrz/media?size=t
https://www.instagram.com/p/CYdtu8YLXrz/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271463050_136077375528076_5657130121486879308_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=104&_nc_ohc=3ElF...

0
0

GET

271322632_1009446273247591_5765830894686096540_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYZNOnOJuir/media?size=t
https://www.instagram.com/p/CYZNOnOJuir/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271322632_1009446273247591_5765830894686096540_n.webp?stp=c0.128.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_c...

0
0

GET

271491368_4782988085122232_6692049023402504924_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYUEDWiltlw/media?size=t
https://www.instagram.com/p/CYUEDWiltlw/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271491368_4782988085122232_6692049023402504924_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=9a_...

0
0

GET

271202556_427242519135729_5881921219207687288_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYO31ghJSMi/media?size=t
https://www.instagram.com/p/CYO31ghJSMi/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271202556_427242519135729_5881921219207687288_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=QPGT...

0
0

GET

271261463_139326905186265_6319329532640984041_n.webp
scontent-fra5-2.cdninstagram.com/v/t51.2885-15/
Redirect Chain

https://www.instagram.com/p/CYMU_BDJn7v/media?size=t
https://www.instagram.com/p/CYMU_BDJn7v/media/?size=t
https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271261463_139326905186265_6319329532640984041_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=W2JP...

0
0

GET
H3

200

/
www.facebook.com/login/ Frame 72F5
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=304094696374352&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc7e...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

90ms
71ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfc7ec65fb8439c%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D319%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5e6aeecd9694bae52b669858694e803b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Oct 2022 12:05:32 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zu8UpWNpDgvviJVd2Gqp7vjn53hZ7LMKqZcCHj2CvEbATzicRil9MaF039+uYjXlqW5NjD9zWhm+8y8YUiqQ7w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 28 Oct 2022 12:05:32 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfc7ec65fb8439c%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D319%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: ovrQdZkuhYDVbwHuiEcD+T9vR/7NcwcWSNPgD3XdcXHWgRyfN2BxzC6EfFTbya7lfgLUwS9+xHT/p/SynT9qew==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9EDE 104 KB
28 KB 663ms
663ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&adk=1812271804&adf=3025194257&lmt=1666958732&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731988&bpp=2&bdt=1509&idt=347&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280%2C791x280&nras=1&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a68c65dd7708da52f549e1f6a683a489b4ac88642048263cab710d87501810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28223
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:32 GMT
expires: Fri, 28 Oct 2022 12:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 2398904 Show response
vc.hotjar.io/sessions/ 0
258 B 97ms
43ms XHR
text/plain 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2398904?s=0.25&r=0.04341102370376482
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 0sTas3TDaLBt87HvXcInNQNbJtKXMtzn5LRRxO0H5rWXV5TLouMiSA==

GET
H3

200

/
www.facebook.com/login/ Frame 9635
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=304094696374352&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a0...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

81ms
81ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a0c81c4199f44%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D0%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=5e6aeecd9694bae52b669858694e803b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Oct 2022 12:05:32 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hOuEzBEOk8Xew/wFHaplIQb8XGBEzu3otlsfhCeQnBPKkBYc+5SrIQZUhXNKq8b76vDbVW+PZ18TWO97isB5lw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 28 Oct 2022 12:05:32 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D304094696374352%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a0c81c4199f44%2526domain%253Dwww.bookeventz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bookeventz.com%25252Ff17c583d919c83%2526relation%253Dparent.parent%26container_width%3D0%26height%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FBookEventz%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D315
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 31yOTN43iwW3FJYZyKxXtC7F78rSWofes29weJSbHhhyDIJ5SQ8fzOe103PP0VLvxBY7qBoMFZUic9Wu491+AA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1 200
OK 271261463_139326905186265_6319329532640984041_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 115 KB
116 KB 152ms
152ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271261463_139326905186265_6319329532640984041_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: e1322f7f63d3bf0f050c6d8458d80f6890cac737b13df33f016ca8d9e074995b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:31 GMT
Server: Apache
ETag: "1cd53-5e2938b76d4dd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=994
Content-Length: 118099
Expires: 0

GET
H/1.1 200
OK 271322632_1009446273247591_5765830894686096540_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 73 KB
73 KB 147ms
147ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271322632_1009446273247591_5765830894686096540_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 6b647025c9c8b33ee711784e3af507f60afcaad55bf467bc08f0d86255178de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:33 GMT
Server: Apache
ETag: "123c5-5e2938b944103"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=992
Content-Length: 74693
Expires: 0

GET
H/1.1 200
OK 271970450_621613332393408_2433793189459319696_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 32 KB
32 KB 148ms
148ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271970450_621613332393408_2433793189459319696_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 71f7e73ad4c457a1798ccc762abfefd7bc834784aa66e88e754b963eb148fab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:31 GMT
Server: Apache
ETag: "7ec3-5e2938b7926af"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=995
Content-Length: 32451
Expires: 0

GET
H/1.1 200
OK 271531002_909609713261240_6523210628247731319_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 73 KB
73 KB 150ms
150ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271531002_909609713261240_6523210628247731319_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: cb6a13fa6522662107dda9be5efb0743d49d42816e9e67450f795a6c1baf52ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:33 GMT
Server: Apache
ETag: "1236e-5e2938b976d9c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=994
Content-Length: 74606
Expires: 0

GET
H/1.1 200
OK 271518268_312601874124669_6042887061965316253_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 91 KB
92 KB 428ms
147ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271518268_312601874124669_6042887061965316253_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 527037923fd160eb4b5d0165bcb1d8fa52f9db8351ed89723adca3307e8396a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:34 GMT
Server: Apache
ETag: "16d93-5e2938ba78b19"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=993
Content-Length: 93587
Expires: 0

GET
H/1.1 200
OK 271491368_4782988085122232_6692049023402504924_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 90 KB
90 KB 229ms
144ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271491368_4782988085122232_6692049023402504924_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: a8349fa60c39734b8966833197925b1e8f1f1092902d55ed78d41bd9722bd605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:30 GMT
Server: Apache
ETag: "16860-5e2938b689bce"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=991
Content-Length: 92256
Expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1146 8 KB
895 B 58ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=90&slotname=2437095843&adk=4025348117&adf=4164852396&pi=t.ma~as.2437095843&w=728&lmt=1666958732&format=728x90&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731963&bpp=5&bdt=1484&idt=193&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=3648785372291&frm=20&pv=2&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mSwIgNSHsO&p=https%3A//www.bookeventz.com&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1146 2 KB
847 B 181ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:28:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 1146 23 KB
10 KB 177ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1146 3 KB
1 KB 178ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:57:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1146 17 KB
7 KB 178ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1146 153 KB
47 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:05:32 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 1146 33 KB
14 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1146 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn9kYjMVbY43DDtaDlgT_obHoA960_JJt1J2RwMEQw--PnK4jEAEgz4Dse2CV4pCCoAegAZKZq_wCyAEBqAMBqgSHAk_Qoum4tj-kaOdiXfOWeg3JHMNTF1vmO_T2hK9ahuALWbbT3GNSGe0ofi4AGsl3K2z0bINpF931QRBhL4yh4doWaluSZClvhiOVOGSwjzpb1FpG2_5hJrkHxDQx6WI4BayOVJ0arspfIk_OrAr7YQe2rxhJF-k5ZSx0yIoVnUc8YxdcRs5yXjxAvUZX0fQ2gCkKMhxPSmYH2sJveZZCaiEnCGkTm8y80FxHIEyXjodQgs09fVLLXlu3I5r_tfA-1EBJY1bF-7cR3O8FKdApT5wm61_Q2nXEq8bNmyxloMtkX-kOj94ZjPPAtMmHbzo5swny5uHH2TZHsc5Mh05JtdmdU9KuETlrwASNscbIhQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDLjAXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNjA2ODU1NDAxMDg1MTkxGAA&sigh=Fc82tsF6pzE&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=90&slotname=2437095843&adk=4025348117&adf=4164852396&pi=t.ma~as.2437095843&w=728&lmt=1666958732&format=728x90&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731963&bpp=5&bdt=1484&idt=193&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=3648785372291&frm=20&pv=2&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mSwIgNSHsO&p=https%3A//www.bookeventz.com&dtd=212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 12:05:32 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10295664936778405380/ Frame 1146 2 KB
2 KB 174ms
21ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10295664936778405380/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cc99022bc4ec8275bd4f5aa39ae3c4a748cef6b0b65cf6f66b21d63f9b472d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:23:48 GMT
x-content-type-options: nosniff
age: 16904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 14:58:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 07:23:48 GMT

GET
H/1.1 200
OK 271202556_427242519135729_5881921219207687288_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 84 KB
84 KB 332ms
149ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271202556_427242519135729_5881921219207687288_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: c960d7ba8edf923f20c1e7d6736004e9036ac509dd1eb21cf950e3371e231140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:34 GMT
Server: Apache
ETag: "14e58-5e2938ba671d1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=993
Content-Length: 85592
Expires: 0

GET
H/1.1 200
OK 271963571_1026533791260906_3805749381073109835_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 64 KB
64 KB 211ms
147ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271963571_1026533791260906_3805749381073109835_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 97847f516a08bc7fafd91da08af0cba15ff13b9c441b0d5a3d9c0e6b80f4232e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:32 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:32 GMT
Server: Apache
ETag: "fef1-5e2938b824eb7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=994
Content-Length: 65265
Expires: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E91D 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=90&slotname=2437095843&adk=4025348117&adf=4164852396&pi=t.ma~as.2437095843&w=728&lmt=1666958732&format=728x90&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731963&bpp=5&bdt=1484&idt=193&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=3648785372291&frm=20&pv=2&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mSwIgNSHsO&p=https%3A//www.bookeventz.com&dtd=212
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 11:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1146 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e04fa415c0eb55bf8e14b81628dfbca829654139b40acbeb3ca4100fa691e5c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7642 23 KB
9 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=1525412025&adf=89056384&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731968&bpp=2&bdt=1489&idt=242&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OdSp6cighe&p=https%3A//www.bookeventz.com&dtd=247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7642 8 KB
716 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:32 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 7642 14 KB
3 KB 73ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:02 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 7642 362 KB
124 KB 74ms
17ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7642 17 KB
7 KB 52ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1146 28 KB
28 KB 50ms
17ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 184849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 08:44:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E91D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

32ms
32ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:33 GMT
expires: Fri, 28 Oct 2022 12:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 151 KB
51 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/reactive_library_fy2021.js?bust=31070539

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50274613bb927da5749b3d514a53f39347ca366fcdd607ec175aeb046600beeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52383
x-xss-protection: 0
server: cafe
etag: 2630047954007822264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:05:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5704 6 KB
672 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 10:44:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5704 2 KB
765 B 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:28:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 5704 23 KB
9 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5704 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 10:29:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5704 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5704 153 KB
47 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:05:33 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 5704 33 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5704 0
0 62ms
61ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3ddXjMVbY6apFMHbhQbMm7aQCd60_JJtjJyRwMEQ-LSnnYIgEAEgz4Dse2CV4pCCoAegAZKZq_wCyAEJqAMByAPLBKoEhgJP0FvDxo_NLrWpJkGXIB0HyHfTZRdVezPPHJr408iayoGHmdmLqnUwMQdYgfZXz79v-TPJxZlxoYMIybcg_3yDHeA1wQtgEsJXYWamB6TYliKW3UaT4D6_a2ZxkIWve6iamsZrouho6v7_fmTKtGSgghmbxOK7OhJfI5QHK1rFqrl874-_Vc2ssdvdESXuYnEe1Sak1vEp5nDS9UfVOpJ6FD4rnh7kFV_d7a0W7BVI6RV4d8Tv0l3QsPB0uG3tpVCsHU6yv4TaEtIVjgk10_AzT701dCBZIvL4Hj0cBKsayFhgyaFguWBhnYF-HRP71l71ECxCFhReJUBl_WaCOL3iXZ5qt0h4wASNscbIhQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCKmAPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjYwNjg1NTQwMTA4NTE5MRgA&sigh=Uix2iyCsp2U&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 7642 0
327 B 92ms
35ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9sg6uep&c=1532948690620&slotId=766474345310&qqid=CILm35jxgvsCFYNXwQodlV0Mpw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7642 15 KB
16 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 24964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7642 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 600640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7642 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_4EfjMVbY4LwEYOvhQaVu7G4CrnR3P5svNq548cQ8C4QASDPgOx7YJXikIKgB6AB6pHKpwHIAQWpAjBdLNZRw7A-qAMByAObBKoEiQJP0OEWtCYhw4RfF56T3EFKkgdsDV-M8hZP0jLzrB-zegOw7GLFB15l5qpBFbcZvyvbn8mbKbJcOUKbgt38UwIWSg7aPy6A-3JjWHVf_n4o1iI7QqsbzyzY0MTQrNYyd51ltiuDwd5V2lQY-dwA77Sjy2A08eOYn-dPWg6XcrA14XoPPZbMAf48RAhwzcbDXT9jgN1VwiIWeXdLjErZ-HWELVchUhTc1j9q3vjIcB3QxciNicMw8hxeRIIGHiWGS_R6C9H0Mk4IG9XwrnOLkEY9T9HQxwNthDaJJgfXpJoA8ttR-OEMlsiFYRYnrdZiheNuU11LhtgbLbRmyzRb7qyGDAfEURQwoffFwASCorSFngTgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPG2vAQyBO_9qLhA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1666958733183&ai=C_4EfjMVbY4LwEYOvhQaVu7G4CrnR3P5svNq548cQ8C4QASDPgOx7YJXikIKgB6AB6pHKpwHIAQWpAjBdLNZRw7A-qAMByAObBKoEiQJP0OEWtCYhw4RfF56T3EFKkgdsDV-M8hZP0jLzrB-zegOw7GLFB15l5qpBFbcZvyvbn8mbKbJcOUKbgt38UwIWSg7aPy6A-3JjWHVf_n4o1iI7QqsbzyzY0MTQrNYyd51ltiuDwd5V2lQY-dwA77Sjy2A08eOYn-dPWg6XcrA14XoPPZbMAf48RAhwzcbDXT9jgN1VwiIWeXdLjErZ-HWELVchUhTc1j9q3vjIcB3QxciNicMw8hxeRIIGHiWGS_R6C9H0Mk4IG9XwrnOLkEY9T9HQxwNthDaJJgfXpJoA8ttR-OEMlsiFYRYnrdZiheNuU11LhtgbLbRmyzRb7qyGDAfEURQwoffFwASCorSFngTgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPG2vAQyBO_9qLhA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 7642 28 KB
16 KB 133ms
47ms XHR
text/xml 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Czsj73S_9UnKgvkJyl3JMuRM5C8S8nTvpFTbWtR3NtSrn6ME2ALWRZujSdvt9D1TeTPvbgOrU06MkvAjB5dGJNhB5hjQ&cry=1&dbm_d=AKAmf-BUvZQOl6SlXSKZjAfT3orzQlXhpov99Pl34Vn_5J67rI8WJrd70ZeMP-q4MBHxTuChDVZBwxOL3K6p09nOaJCrd24P0YWdihx9Swzgu8hOMCeuZ06wuqU1b9mgFCx4Xsn1MVGe9vL08YZ3u7rzIamN1bCeBG7dl1GruxCdvLqYeSov81zQX7PRVe6QMN2Pp8shmK6ka2OpGaaV0r1LRs5FbOzjPohomv7lm2ExLOdLetO3mt3XcH3Cl9z0l-j7aEcg_6OUf0CzAFsE_diRwIjNlXftxxAaTjwm6XIeA0jRMtHwH4EdCColCXUJ4OuU7Pr68pd7JGYSPIhPmuIspR1OOKQIkfqZwMwyKmXd0oYGZ1nkR-cxgSkofo-bqtSD5vOl01Q_IeJrwLMzxQyF5lsqbClfLxuvuw30mt0uwKH0qXdvj-s_1efNdvoW0jso1OJfKvgaKJhwcYfNbYPTGkQaVePFzSf_vvmZ5wvaq1DAuO4BKN6Zt9nPO8SzK0bUhIEhl1lCnfFrgYu247_rY5KV2iBsxvg9aKK5P0L7B-fHif5utuQCrM3-2yzawRxgyC3HEqay6ZMCNPL6rL72iX86IeVyCqk3suXKUtv0zb3MVqPD1PlhM2eOZtoIp9WM9-8zOag12ZI7JSF6T7aQVtKu_HeNBUMub0RGvN44FtEJyoslQtDOmQrV7Uw6WWv24HRqZMeJvyHJDJDWLjlFEVIKpNsGqsEp0pcRp5N66QsysAp9ifuLXDoNd2U1ttqA_AWM3S-gDiQKZas6Xnr8EVXjHrLYwSBrlilz_Uu61IEiWoUmTwc7PZWRNkzjve0O3iuI0glvCy0MJJ69Peiunj8qYL8a-LzzaM04dvQjy_hZtvY-SLtZkS0pW-ws7KC4CnQx9PhgYpo94I_r5DivdOXX8aHNk6hFS0OQu4cMUCP2n_xKNRay6G9H3Pp5vjew8H55Ck-MlYsaNzCRb7ejyVPxSm8IsAfR6C5IqdYxnvJMis05yrfGHOKaMsoj8VjQN3zrqQUNToz7M-mrUbPxGeq8gPKaPu9SOIvRysiEgq06Qr26PzJzQflFkd2uaVsfGdJJWtwcI1HxvChsjAFUqwVDJ5X4D4pjDMenDLHJK3M9FJ3N-BSQD8ARSyVHzORJTA4xCUy6XnbMFQRuXni-9jcQSfvEFiqRSKFPhINpKiUQvqzZF6mcSEjtAWMY3j5CQTMgyCEf7O04vm1UsbiFgDv_gPuOkRWN55DaIO88RowMFO7vsLK1-9ChpwwQgKCUEs0oATH6fKB65amAvqkG7omsAhCPhW0p2ecumn0IIIjwREJ4FapV_jGQ7eIxOyOPRaOvj6cSAuuXZSeTK97fPjPWLM0dxIj1HNC8HQxAanBQBOecZ3PtLOoYMzHYOa-VQvcrNI1ro9Peq7anU7lOlsccTmI0foCGBe29HMY509uz_Ll5MZTlNzqzUDcD_eCGyihq8ZvYOEdqrrbU4_nEAEx3yfj50At4fjWsFNRsN3M32erlWMvGVEo2G69Lf3bgcq2B3FRuvdHKY6XflzSDmM6JFdh5RXdDt1dvYhfKrab51nUyxaLAGMfcUvrYyxSTwUzUVZej2aBeXU0lhwWk2K0n3pbocNk5pQGK83FfqrK3atrHkuKKBSPsYxep9-H3BiYasJZ7ya5yS3jQUQDBX51iMCXPBDT8dwTFMt3i2qdqDh4cLbdNJ3eINQob5iPtJrCRXfWbJYZ7hk25OTrEbH7hYJD9lPc3za79BLxbaXgXUFGF4yHGbVNtuCqXN2OqWCPcwYe9t9nmmvr_f3dNBuVaYRlpApaNv3Qlio35vB4crUjpYtlHVYJFKF_wjqf9PSgnngU9EikCLZW2lZ7h2kieW06kt8IBqFzmknK3kjBIlZ98Sja4k0yb6eowQ0dgAF9S3C9p9B_BXrJxHNHpdc3nSTVlu09g7V7vX1M5EcwxrIJ1STngxQ55lRAvoBIhGSs-BOgV1o6fTVFtHE5nC9RXH_kNTQB7579QkFISZ628w1OvukoDTvQJl0vQj1_5F6ISurStC3O0SDG2_UO_7l6lC2FOdJy8s9G8C-_ExRhWt8Zp01n4anLKmgMdl-YO0sUFLocVWcd4l3rj-jO0Q_Tb2ovfVrMcSEElNnVPjzcHu1bodXZOR7eVNBGNtR8lTUWFJvss76YN3b-dY1maRj9K2oSi-PcOgoDCPhYs83vL_fdtnd8Xzj-vmwjhrX6lONALvDvkv3_uMhFTKAi57Yze535GgOG7h15ZkOCB7kdTGCyp3ZWOiM8Tc-OT1ETOoo008hUmet3zGaesXi-kZWDKObqyrlp_x5irQoaJYaoJdFDYEAkdTPeLsGRxxITZ-7UzwriTMwltrKAEMEeQ0anC_uaCo4p5tjeSBUkh3-O2ZaE-opdFFrxIZMbwymXiIPD8np3gXyIcz7M6Mr_oQW02nm-p5ZF0u16CTbhulUbwQi-hRDlO_UgsmoMiG2jcdcKKlDRkIwl5YO0Z4FWOgAkAvZ5rqyFxO_HxFuBR2jvJZSC3EWw2W3eoLQAFoVPvmTNanyRA4ONLN6B6-KZoWGQ88RWpgU_9Q0QJSnPETQJdINcFf0lM91HFtqIHSm8AUQmZmRrGdmCNYwu9POb2_VATS8tqpL4fbFDGjXZxitKSJLfygBnN1-r17BgW4ZcmcBiqQpgIqmJc__wG_8pTi6bZIW_FlYCy4cV7P0G-4TWTG9e438xjLET3EmHC2fRrg7EmPZWnbYh764BpVtMNyvTy22VjKVEZV5yUZAo5OnxpeW6EAxMwzpb2-bMLtIK6NWvD0uPnSJfEDlV4vJ-cbL3H-X_BdYSORtDI9yiu5Qhylkd2F7_fClvhEq5edXXYkk3qQpyDq1zjsrmiNZviTS1XhFsXgl384F9xfqvth5va5iU7LHWBjl3qp9StGay2cZOTHM57VIaPb9cuW0DuqlJTwpsMQ8KY41rXtRoG4VsDxtXOFUXOG_9fNO5GuTX7SLehaKEotpDtwEPQDTYLoYkmFVMD-mM7x8JcBYBuoNxeGtthURAQ4ftsWPycNBx-YuX9--Z1R5wDjypgzvNLtSKkCAh6C4c2ugf7hBV9GErosVbWsbvEN2YSk_AbJWBfOC4lZLO8a1SKKc1jcQX9TkjYakzRtXGg_3m1U5rExZej82ehMyCBMqIScmP_sjg7293nRkowR4XPxzRCSXOX4-9UEw4LCHRL33QtQM9G5bUSBOXzYK8Jj-m-e3G3VfAwvwzpPS0U5oScXDKXHzdQPJx5LwcxDgipV5syy7F80_jtGOcjWYtd9a7hNX4i6JBb1R32vz9vrDfEQdfSmjGqTrGPa2YoUg&cid=CAASBORoG_g&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

cb345087974e8b10c28ae96278bdf7e6dc5bfd1537da2841bb0dd761d6e4f7e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16170
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7642 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnn3mjMVbY4LwEYOvhQaVu7G4CrnR3P5svNq548cQ8C4QASDPgOx7YJXikIKgB6AB6pHKpwHIAQWpAjBdLNZRw7A-qAMBqgSGAk_Q4Ra0JiHDhF8XnpPcQUqSB2wNX4zyFk_SMvOsH7N6A7DsYsUHXmXmqkEVtxm_K9ufyZspslw5QpuC3fxTAhZKDto_LoD7cmNYdV_-fijWIjtCqxvPLNjQxNCs1jJ3nWW2K4PB3lXaVBj53ADvtKPLYDTx45if509aDpdysDXheg89lswB_jxECHDNxsNdP2OA3VXCIhZ5d0uMStn4dYQtVyFSFNzWP2re-MhwHdDFyI2JwzDyHF5EggYeJYZL9HoL0fQyTggb1fCuK4pSfTUVYOJVzI5dIEP_SC1W5MAAhP1Kv6AMgKdrtS2EztcKSTD_zaCu9gO5UIy19IsEhKoUyhKQAvrABIKitIWeBOAEA4gFjbazsUWSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ1s4GGNavoNYB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE8ba8BDIE7_2ouED2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTI2MDY4NTU0MDEwODUxOTEYAA&sigh=5BBJTbJSNKk&uach_m=[UACH]&cid=CAQSGwDq26N9MYPkK5X1ve9pkDowNNL7Rk671-PuDyAT&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=1525412025&adf=89056384&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958731968&bpp=2&bdt=1489&idt=242&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OdSp6cighe&p=https%3A//www.bookeventz.com&dtd=247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7642 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fb275560ad31fa39c746c43c092a320abf4ac4474d633a27a4b4862423ee2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3751034430867567398/ Frame 5704 14 KB
14 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3751034430867567398/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dcf510131a7c52c09d3a78b4e65cb045c909fa421f84507b1a00030599955fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:19:25 GMT
x-content-type-options: nosniff
age: 603968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 18:39:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 12:19:25 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17790311148257100460/ Frame 5704 2 KB
2 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17790311148257100460/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac523824bc1635fae9a925f20cecfb001148b2c9ef0a799e014b948f95e301c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 00:09:14 GMT
x-content-type-options: nosniff
age: 561379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 00:33:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Oct 2023 00:09:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 58ms
26ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bookeventz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
26ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bookeventz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame E275 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bookeventz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5704 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74f1efa3d7ad20d86931080e5cb06b68160cd77ae6672a90b8594c53074db0ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame E275 9 KB
4 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 21:43:32 GMT

GET
H3 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame E275 10 KB
4 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 13:06:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E275 8 KB
895 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 10:36:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E275 2 KB
765 B 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:28:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame E275 23 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E275 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 10:29:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E275 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E275 153 KB
47 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:05:33 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame E275 33 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 574993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:22:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
16 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 24964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 600640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H/1.1 200
OK 271463050_136077375528076_5657130121486879308_n.webpfull.jpg
www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/ 91 KB
92 KB 148ms
148ms Image
image/jpeg 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/sb-instagram-feed-images/271463050_136077375528076_5657130121486879308_n.webpfull.jpg
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: fabf96d2afdc683a3ed575f63d3b4ec569b6dfd561d5fd3cf8558c56333bc63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/blog/birthday-wishes-for-manager/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:33 GMT
Last-Modified: Wed, 29 Jun 2022 10:23:30 GMT
Server: Apache
ETag: "16d33-5e2938b678285"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=992
Content-Length: 93491
Expires: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17790311148257100460/ Frame E275 2 KB
2 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17790311148257100460/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac523824bc1635fae9a925f20cecfb001148b2c9ef0a799e014b948f95e301c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 00:09:14 GMT
x-content-type-options: nosniff
age: 561379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 00:33:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Oct 2023 00:09:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E275 0
0 62ms
61ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CftX5jMVbY_DBGeW-hAbwy5fgA960_JJt_J2RwMEQ-LSnnYIgEAEgz4Dse2CV4pCCoAegAZKZq_wCyAEBqAMBqgSMAk_QDD8MHjvLtrSvCyTXBr7ANs5opaR9VCIkA9dGP9Ool9HSxx7QB2TmDxCVUZs5d2cO7PGeWI8AByrcvIDvxBpPvqwuAY6LukSkHsD0UivRLzgdxX8SYZ95C5kv6h1n-7vwz7Fgfe4MfekXELjaYJBeBw83hDSRNfxX5TeUgZ3-FTZH79X5OcOs3bBr5XpMoz1TewrEggW0SzCKL7DpbfF7f6C5-J63ag98MxSOZZH_NsaHu0Ka9-g_o46ib9-w7BJRhS8R_LpZh49IWmKSA93AUVNRDtP_B3XFNRliI1U36sHev1mY1FIwqmj9w2LFlF4cqeCqzjvCGHhRZ9sAlygwSkQ45itDRcpE8yjABI2xxsiFBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfW5tSDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJSJCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI2MDY4NTU0MDEwODUxOTEYAA&sigh=j1UZ2W8biT8&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A995 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 11:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D09 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606855401085191&output=html&h=280&slotname=1410095809&adk=822810983&adf=2338928421&pi=t.ma~as.1410095809&w=791&fwrn=4&fwrnh=100&lmt=1666958732&rafmt=1&format=791x280&url=https%3A%2F%2Fwww.bookeventz.com%2Fblog%2Fbirthday-wishes-for-manager%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666958732242&bpp=2&bdt=1763&idt=2&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C791x280&correlator=3648785372291&frm=20&pv=1&ga_vid=1044521489.1666958732&ga_sid=1666958732&ga_hid=1007154411&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44760911%2C31069177%2C31070539%2C44775016%2C31069564&oid=2&pvsid=1951408146939120&tmod=793300884&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=A8ppKHqDdg&p=https%3A//www.bookeventz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 10:27:13 GMT

GET
DATA 200
OK truncated
/ Frame E275 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff90bf7c4c1116b703c4700c77543fd67218530fdc7e72b747ffa3e18462b06c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 7642 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7642
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

77ms
16ms

Fetch
video/mp4

2a00:1450:4001:18::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E53D7A4B6E97F370C73ABBA5CC1B4F7B1DA093.079C84B04290EBEC55EC0DB8ABBF15EBD9799472/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666958467/mv/m/mvi/4/pl/49/file/file.mp4

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

HTTP/1.1

Server

2a00:1450:4001:18::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3172675
Last-Modified: Mon, 17 Oct 2022 11:22:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 28 Oct 2022 12:05:33 GMT

Redirect headers

date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/63E53D7A4B6E97F370C73ABBA5CC1B4F7B1DA093.079C84B04290EBEC55EC0DB8ABBF15EBD9799472/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666958467/mv/m/mvi/4/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A995
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:33 GMT
expires: Fri, 28 Oct 2022 12:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:05:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E834 23 KB
9 KB 18ms
17ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 353106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 10:00:27 GMT
expires: Tue, 24 Oct 2023 10:00:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame E834 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 11:56:23 GMT

GET
H3 206 file.mp4
r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7642 165 KB
0 33ms
15ms Media
video/mp4 2a00:1450:4001:18::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:18::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 28 Oct 2022 12:05:33 GMT
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3172674/3172675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3172675
last-modified: Mon, 17 Oct 2022 11:22:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E834 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BoqAXjcVbY_PZEq3GxgLsgbfAAwAAAAA4AeAEAg&bg=!vL-lv_vNAAZPh4lnb4c7ACkAdvg8Wgpqcva74kD1HXyIpzJfLTt1cy8SUXlmc6TA_u_z-Wv-9OIhvgIAAABXUgAAAAJoAQcKALApQ4Up8tyGa5u_QmiM-TX7-uVr5l4Ec3y-ydxNcxoEtyB3tmaakEAnhCw4kX4ogjhLzikdpQMrMKeueryf3W2TavV16bgeFxqw17ZnXuIH2ejNFiiTz5D5ltxgQvt84Vd1lMF5B1kOfYlS01Vkg0qm-WeUuRxMaoBfiYOl2lO7QNCGhMSoge5GxvGzretmJykB9ZTupPZD_Tu18jNpBhhjC1knWsWAtNDm1T92JeQoAZkCzC0akjXvnbWtG8XN7oR7CtHKoDHhIqK4rBmIrfBYWTN-NPvE3rE61Ir3dXr43LIpGTa_Vd549TSz4l3K49Ne9S66SwosWUIqAyaeWAo2VqKr9s-KQ5B6bKCAgEQoxLnwaGrVASgXDYVnTsnf2EhUkKPBWIK356IVBS7vezwPpXXFtB2HagIEk809VCK7d6hFQ4THlWTpUpH6xN6HYrZk1LDIF4EIMAHxxMxq0nr616Xufu5eYCRjmzI5hH-AW6Ubnjk7kN9u-Z6SRLEvlmHT2d59q1T2N_R4xQOjBm59EET3ZInFBaqYpNZ5djr7eX0EbtlUkZjoHtc0eMFODf6tEayBgL4g9XCju9rCOwiwE-n6mhamles8ngQvolYIgdHbyTBaV24G3c-EWlaKX5mfK4WxTV53Dt-zOHakXHn6ge3J77AH1JuM-FnUeMumYLNnxTIPZF33JMmEj5HsybB8_BG16nlCGQl-LDylSv3W0G1gd9ncf1dzWvlPYSKZip40qrKzb-js0PF0azkhFpUNYuarZDarzGibhmU7t_N1GdRHhpeYzSb7btOlzr1MkxfMIizDGelWe3duZ5BaaTbh3-1Jo7GGgLw6_SMKTcbglBy0pYM1FqsuvHFWnyv-x_sUeEfNpXB3Zb-Rrkz6XYcv65U25eW-1V0eADwK6ginYbafSvyL8xgehqbCGqrPyZgSAkiMxQoUvqv7zreSg_GQK999JrVOFgtzbHyM-SNJ7KP-3AkPFmdt97CGySvJ1_tVs5SFjVWiKt4t4QJyHuAJHUVsyiKV0baNTz5hC7nZh6VsxbnxO7RGEDMro8C6dyYZjTVviJHR4ooX99VcL605M3yVWMCZGZ4Q9TZ7ld948VFC-fFhQXljwNZXO1B84rL9l4p9MSP6TFJNQot05Pjzmd1uVpajN3VkG1LvhELpMPJmtMvYHEYzwKsdVWwb

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/birthday-wishes-for-manager/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1146 42 B
64 B 86ms
53ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZVOaZ3hk4fQgWOFeyQyr4AsLrXteoxgnyJi8iB-VcJ7AenL-1ZFkDTeG9NX04oTS1k2WdGg9q32Yd4rUFUcc-6-9yqrgYreed1bj1KEooAJcAhE4jz43KHCo51ACyiITQNBK6WQ&sai=AMfl-YRa5CBWzsdl7-pbHnqGAFY3R_aF5OrbiXNxHxSeQSvykeu5vVnoYvGJCACsdXbI_XvctW2TSXr5xIwOFIY&sig=Cg0ArKJSzNYdgM_9yFrpEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4025348117&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666958732177&rpt=999&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7642 0
17 B 70ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9sg6uf5&c=1532948690620&slotId=766474345310&qqid=CILm35jxgvsCFYNXwQodlV0Mpw&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=852&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=10&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E275 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8XKJhuhV4q4J60UqgNlOAQSqYf-4gCd1VVt0v0tP7P40_63SW8zW-hP_b1Umsc10tBrCH4QG2Qlkqy7PE4eE1NIOGfXMJoQtnQjHpNlI_d716nfZq30pDMFuG0mTPHKHGEKLuqQ&sai=AMfl-YTpsIFIpwC-Ydz5ahgE6apC8upl_rZbrBgV1ydRmbPXRNnYkVxjWU9hNHjf6Vd91IpNjG0NwxUvRnwpiAU&sig=Cg0ArKJSzIPwZK3xHnH-EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,768,1000,1115,1153&tos=83,685,232,115,38&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666958733222&rpt=169&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:05:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.bookeventz.com/blog/wp-includes/js/jquery/ Frame 8317 87 KB
31 KB 156ms
156ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:53 GMT
Server: Apache
ETag: "15d98-5e29389360a98-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=994
Content-Length: 30916
Expires: 0

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.bookeventz.com/blog/wp-includes/js/jquery/ Frame 8317 11 KB
5 KB 151ms
149ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:53 GMT
Server: Apache
ETag: "2bd8-5e2938934938d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=991
Content-Length: 4169
Expires: 0

GET
H/1.1 200
OK gtranslate-style24.css
www.bookeventz.com/blog/wp-content/plugins/gtranslate/ Frame 8317 693 B
722 B 152ms
150ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:44:03 GMT
Server: Apache
ETag: "2b5-5e294ab788c8b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=992
Content-Length: 299
Expires: 0

GET
H/1.1 200
OK buttonizer.css
www.bookeventz.com/blog/wp-content/plugins/buttonizer-multifunctional-button/css/ Frame 8317 19 KB
3 KB 153ms
152ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/buttonizer-multifunctional-button/css/buttonizer.css?v=d67a6c0a4f789c232eb39d18f38c61bf&ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 579e8c01bcc33828befd2b2aae7c1a133c88fd812429a8b149d6aba5a66a08eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:39:18 GMT
Server: Apache
ETag: "4d72-5e2949a75e07a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=990
Content-Length: 2285
Expires: 0

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame 8317 23 KB
6 KB 53ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.6.2

Requested by

Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 13444753
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 74650a6817a456c7f0af3754eeb48518
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76138a6e2d678ffb-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK wp-about-author.css
www.bookeventz.com/blog/wp-content/plugins/wp-about-author/ Frame 8317 1 KB
793 B 148ms
147ms Stylesheet
text/css 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-content/plugins/wp-about-author/wp-about-author.css?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: e868025497d76bd96caefdeebda2a813be57b5f6703519019f5ef645d4f220a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 11:46:21 GMT
Server: Apache
ETag: "47d-5e294b3b31a82-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=993
Content-Length: 370
Expires: 0

GET
H/1.1 200
OK cropped-New_BE_Favicon_2-32x32.png
www.bookeventz.com/blog/wp-content/uploads/2019/06/ Frame 8317 1000 B
1 KB 144ms
144ms Image
image/png 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bookeventz.com/blog/wp-content/uploads/2019/06/cropped-New_BE_Favicon_2-32x32.png
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: fe67b66bf78bfe1bbb21447e279ac449cd4a1aa7dd352c1f9f501851583642b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Last-Modified: Wed, 29 Jun 2022 11:31:35 GMT
Server: Apache
ETag: "3e8-5e2947eeab53c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=989
Content-Length: 1000
Expires: 0

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.bookeventz.com/blog/wp-includes/js/ Frame 8317 14 KB
5 KB 149ms
149ms Script
application/javascript 101.53.132.55
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bookeventz.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: www.bookeventz.com
URL: https://www.bookeventz.com/blog/easy-office-potluck-party-ideas/embed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 101.53.132.55 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-29-55.ssdcloudindia.net
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:22:51 GMT
Server: Apache
ETag: "3795-5e293891717c5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=993
Content-Length: 4662
Expires: 0

GET
DATA 200
OK truncated
/ Frame 8317 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame 8317 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 css
fonts.googleapis.com/ 664 B
356 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 10:58:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:38 GMT

GET
H3 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/ 61 KB
17 KB 124ms
103ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/socket.io.js

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3345912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16834
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-f3e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76138a70dad9910a-FRA
expires: Wed, 18 Oct 2023 12:05:38 GMT

GET
H2 200 responsivevoice.js Show response
code.responsivevoice.org/ 93 KB
23 KB 100ms
47ms Script
application/x-javascript 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL

https://code.responsivevoice.org/responsivevoice.js

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9240ffa48a0793a624221e13063c5c91d2e3d0098aeb15843f8204f90d74807b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' responsivevoice.com responsivevoice.org .responsivevoice.com .responsivevoice.org
X-Frame-Options	ALLOW-FROM https://responsivevoice.com https://responsivevoice.org

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:38 GMT
content-security-policy: frame-ancestors 'self' responsivevoice.com responsivevoice.org *.responsivevoice.com *.responsivevoice.org
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1540
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 17:48:23 GMT
server: cloudflare
etag: W/"62c47967-1758e"
x-frame-options: ALLOW-FROM https://responsivevoice.com https://responsivevoice.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1ppYRcwxBgZD4%2BNHYfhtyKXVg4ULEuZ2t4QID97XIBN00QjWsFwUnQVBMg0iCMi1Vn4%2B%2BTJxCj8OodjhO%2BHyZnOYEeG1FrsDp4gtjJN6yoy4T1AKSedVF5BNdqiLr7l%2FcoqRndPX0YnbbPsHODnioHR1eUkCNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 76138a70f8abbbe3-FRA

GET
H2 200 pikaday.min.js Show response
cdn.jsdelivr.net/npm/pikaday/ 16 KB
6 KB 75ms
38ms Script
application/javascript 2606:4700::6810:5914

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pikaday/pikaday.min.js

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9a4327f67d2108a8eb72d0217e022889c549dce7220e0df716b83143f14db7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 15416
x-jsd-version: 1.8.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19160-FRA, cache-hhn4078-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"406e-D/T/OBvKx8Uag82win0wSEbxXxc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76138a70eec692a1-FRA

GET
H2 200 pikaday.min.css
cdn.jsdelivr.net/npm/pikaday/css/ 4 KB
2 KB 67ms
30ms Stylesheet
text/css 2606:4700::6810:5914

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pikaday/css/pikaday.min.css

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f0afa8da56e0ca3b2b58a52e70b4349327abb4c27f1f574d2c6048ee1786b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3298
x-jsd-version: 1.8.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-itm18837-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"e26-q4c9Vv/YGcdzZa4a4DndsHOMBpI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76138a70eebb92a1-FRA

GET
H/1.1 200
OK smatbot.css.gz
smatbot.s3.amazonaws.com/files/ 121 KB
18 KB 121ms
119ms Stylesheet
text/css 52.216.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smatbot.s3.amazonaws.com/files/smatbot.css.gz
Requested by: Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.116 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ba7bd7aa8944bdbdd47d1a4b41f0ed4dcf3305ca1c7604e55ade72ce36d58fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 12:05:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Aug 2022 06:53:08 GMT
Server: AmazonS3
x-amz-request-id: 5166ZNSTNE7TW86C
ETag: "1e93b01d4730e409c9b53e06468f19ed"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 18300
x-amz-id-2: UKhztaiotF/D8BrD7G5VbjMGKCWDzrFRmef/S/2AEHfwYkK3SdGHKfZhX/qCo7LD1Umvqye2n5I=

GET
H3 200 icon
fonts.googleapis.com/ 569 B
367 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: smatbot.s3.amazonaws.com
URL: https://smatbot.s3.amazonaws.com/files/smatbot_plugin.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bookeventz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 12:05:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:05:38 GMT

GET vanillaSelectBox.css
www.smatbot.com/css/ 0
0

GET vanillaSelectBox.js
www.smatbot.com/main_js/ 0
0

GET geoIp
www.smatbot.com/kya_backend/api/ 0
0

POST chatbot_utils
www.smatbot.com/kya_backend/pagehub/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271970450_621613332393408_2433793189459319696_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=100&_nc_ohc=eDyNkf7SP8IAX_mjCBH&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfARNn92n-WboKRHTjQKRgMOBZ57OXdarL6BGH4b1Evqew&oe=63616C28&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271963571_1026533791260906_3805749381073109835_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=106&_nc_ohc=5FcQmLRAVgoAX9Yr8uI&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCe8SXh0ZW1DAjO3NiqcPYprlFwqpWJX6SSouCW6ElmDQ&oe=63603EBD&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271531002_909609713261240_6523210628247731319_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=PppCWzhGj2IAX_22au_&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAdOTKaJplBH8bRpTpHXEtRGf2xV42YkCnfqSmtd2RBEQ&oe=636198A1&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271518268_312601874124669_6042887061965316253_n.webp?stp=c0.135.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=eSP4Cj7vl9gAX8teji9&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAF0xrB_ftpmyhrvlDFj7s38C1j1m8vLseNToKVJIatWQ&oe=636077FF&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271463050_136077375528076_5657130121486879308_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=104&_nc_ohc=3ElF2iulysIAX8-m1um&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBqzYZeN-v_mVjdsGuVeWmNvEPK_CNEMfrIowdPyVdjag&oe=6361933F&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271322632_1009446273247591_5765830894686096540_n.webp?stp=c0.128.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=107&_nc_ohc=_vsBBgBc-poAX-5vQRR&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfChNADAQ27bJI8mHQ0_OsjfrridG3GlJPEbdxhNOjWr7g&oe=6360A0FE&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271491368_4782988085122232_6692049023402504924_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=9a_85z-rKMUAX8WSDt0&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCO1MNhnbn2et57x6EVxzo3LrSF1iBKv-NHbG1DESGxQw&oe=6360A3C4&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271202556_427242519135729_5881921219207687288_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=QPGTYBHkG0IAX-eBofg&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfA7PkCEzo6g-V-qkRhMu_5oIuODm-cLU51vC-8sAArF2w&oe=6360B0F1&_nc_sid=5eceaa

Domain: scontent-fra5-2.cdninstagram.com
URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271261463_139326905186265_6319329532640984041_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=W2JPQSTIoCkAX8qrauf&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBuWcONY-O96p0c9GM_bCXmNgk3O0mjKJf-wdOAt_S3iw&oe=6360458D&_nc_sid=5eceaa

Domain: www.smatbot.com
URL: https://www.smatbot.com/css/vanillaSelectBox.css

Domain: www.smatbot.com
URL: https://www.smatbot.com/main_js/vanillaSelectBox.js

Domain: www.smatbot.com
URL: https://www.smatbot.com/kya_backend/api/geoIp

Domain: www.smatbot.com
URL: https://www.smatbot.com/kya_backend/pagehub/chatbot_utils

Verdicts & Comments Add Verdict or Comment

Suspicious page.url
Submitted on October 28th 2022, 12:06:59 pm UTC — From Bulgaria

Threats: Unwanted Software Potentially Harmful Application
Comment: JS/Adware.Agent.CR was detected at https://www.bookeventz.com/blog/birthday-wishes-for-manager

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bookeventz.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: emiauc7ej9937ooj4kattlo2p4
www.bookeventz.com/	1970-01-20 16:38:38	Name: epvc_post_views Value: %5B8913%5D
.bookeventz.com/	1970-01-20 16:38:38	Name: _ga Value: GA1.2.1044521489.1666958732
.bookeventz.com/	1970-01-20 07:04:05	Name: _gid Value: GA1.2.2005643133.1666958732
.bookeventz.com/	1970-01-20 07:02:38	Name: _gat Value: 1
.bookeventz.com/	1970-01-20 16:24:14	Name: __gads Value: ID=4c7952511134f893-22f34e8359ce006b:T=1666958732:RT=1666958732:S=ALNI_MaK5HfLn8YP7e5RK_2kN8pRkyAJCA
.bookeventz.com/	1970-01-20 16:24:14	Name: __gpi Value: UID=00000b797d74fc83:T=1666958732:RT=1666958732:S=ALNI_MbCzuC-OhOijbbKgQ94UyKKa2oRNQ
.bookeventz.com/	1970-01-20 15:48:14	Name: _hjSessionUser_2398904 Value: eyJpZCI6IjdiZWE0ODYyLWRkZDItNTI0My04N2E5LTNlZGYzYWMxNmVkZCIsImNyZWF0ZWQiOjE2NjY5NTg3MzIxNDAsImV4aXN0aW5nIjpmYWxzZX0=
.bookeventz.com/	1970-01-20 07:02:40	Name: _hjFirstSeen Value: 1
www.bookeventz.com/	1970-01-20 07:02:38	Name: _hjIncludedInSessionSample Value: 0
.bookeventz.com/	1970-01-20 07:02:40	Name: _hjSession_2398904 Value: eyJpZCI6IjdmYjExNTI1LTNmODAtNGUwYi05NjRhLTY3NjI5YTFmZWIwMCIsImNyZWF0ZWQiOjE2NjY5NTg3MzI0NzMsImluU2FtcGxlIjpmYWxzZX0=
.bookeventz.com/	1970-01-20 07:02:40	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 16:24:14	Name: IDE Value: AHWqTUnUFfYNaqPnhRTDchCEbFt7eBffGZ_TJ5RxEs7O_jSSnCV3BZGeVOHcn_edPzs
.doubleclick.net/	1970-01-20 07:02:42	Name: DSID Value: NO_DATA

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271261463_139326905186265_6319329532640984041_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=W2JPQSTIoCkAX8qrauf&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBuWcONY-O96p0c9GM_bCXmNgk3O0mjKJf-wdOAt_S3iw&oe=6360458D&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271322632_1009446273247591_5765830894686096540_n.webp?stp=c0.128.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=107&_nc_ohc=_vsBBgBc-poAX-5vQRR&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfChNADAQ27bJI8mHQ0_OsjfrridG3GlJPEbdxhNOjWr7g&oe=6360A0FE&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271970450_621613332393408_2433793189459319696_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=100&_nc_ohc=eDyNkf7SP8IAX_mjCBH&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfARNn92n-WboKRHTjQKRgMOBZ57OXdarL6BGH4b1Evqew&oe=63616C28&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271531002_909609713261240_6523210628247731319_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=PppCWzhGj2IAX_22au_&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAdOTKaJplBH8bRpTpHXEtRGf2xV42YkCnfqSmtd2RBEQ&oe=636198A1&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271518268_312601874124669_6042887061965316253_n.webp?stp=c0.135.1080.1080a_dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=eSP4Cj7vl9gAX8teji9&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfAF0xrB_ftpmyhrvlDFj7s38C1j1m8vLseNToKVJIatWQ&oe=636077FF&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271491368_4782988085122232_6692049023402504924_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=108&_nc_ohc=9a_85z-rKMUAX8WSDt0&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCO1MNhnbn2et57x6EVxzo3LrSF1iBKv-NHbG1DESGxQw&oe=6360A3C4&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271202556_427242519135729_5881921219207687288_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=109&_nc_ohc=QPGTYBHkG0IAX-eBofg&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfA7PkCEzo6g-V-qkRhMu_5oIuODm-cLU51vC-8sAArF2w&oe=6360B0F1&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271963571_1026533791260906_3805749381073109835_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=106&_nc_ohc=5FcQmLRAVgoAX9Yr8uI&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfCe8SXh0ZW1DAjO3NiqcPYprlFwqpWJX6SSouCW6ElmDQ&oe=63603EBD&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://scontent-fra5-2.cdninstagram.com/v/t51.2885-15/271463050_136077375528076_5657130121486879308_n.webp?stp=dst-jpg_e35_s150x150&_nc_ht=scontent-fra5-2.cdninstagram.com&_nc_cat=104&_nc_ohc=3ElF2iulysIAX8-m1um&edm=AGenrX8BAAAA&ccb=7-5&oh=00_AfBqzYZeN-v_mVjdsGuVeWmNvEPK_CNEMfrIowdPyVdjag&oe=6361933F&_nc_sid=5eceaa Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2606855401085191&fa=1&ifi=8&uci=a!8&btvi=3&xpc=StujRHoPsl&p=https%3A//www.bookeventz.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.responsivevoice.org
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
js.makestories.io
maxcdn.bootstrapcdn.com
media.bookeventz.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5edndl.c.2mdn.net
scontent-fra5-2.cdninstagram.com
script.hotjar.com
shotsofdollars.com
smatbot.s3.amazonaws.com
static.addtoany.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
vars.hotjar.com
vc.hotjar.io
www.bookeventz.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.smatbot.com
scontent-fra5-2.cdninstagram.com
www.smatbot.com
101.53.132.55
13.32.27.107
13.32.27.15
143.204.215.118
2001:4860:4802:32::3
2600:9000:206f:5600:7:102f:640:93a1
2600:9000:214f:d000:3:f432:a40:93a1
2606:4700:10::ac43:2794
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:18::9
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
52.216.147.116
64.233.184.157
65.9.66.36
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
0389f6d00d0ec5ac3a38698ca94915a7b37c6ed70a9d271e823e55bd71bd8ebb
0bbee51521d23babf9c66be31190c688694994192e387384e1b1717515a1e69b
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189d13d13190e962ee77c41a05836e977ef88368c24c70bf592b27f38094e530
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
21cc99022bc4ec8275bd4f5aa39ae3c4a748cef6b0b65cf6f66b21d63f9b472d
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
2355efb2fdd679b4a884e5585161553a017ee969c6e926352ad7cc661bec16aa
2ac523824bc1635fae9a925f20cecfb001148b2c9ef0a799e014b948f95e301c
2fb275560ad31fa39c746c43c092a320abf4ac4474d633a27a4b4862423ee2f5
36881e576619c157397e1004d906a7f4254bdcc145c068fa6f795c84af665d3f
39e27a5c506551c52d9ef0ae795c5b8a02b67bb93c15024c0ba68e06080f4034
39fbe7f02d24722dd2f7ed384e9f954363a87b65695d0193dd34c7209ab82921
3a8fe06ffda5b02b2b3c91fa5a64375c6d563c06439a62805d918e3f95bee681
3f5ab26f1b91b1a610d792c54a9545194a8651e6b6e6dfd9e440dd5d75c2c966
40ffed0b81d6867b465d1e47c06325b9abe4ea65a66007ebc8bdb14a0ff2ea1c
415b70d674f60d389736ee0f758cba21ff89d82840ced2ce6733fd7776e98474
4591bde8d31f849f03b74b907c4857b7261a431515844b752fa560a3993bdf6b
477c286e95aea65947da0d7f48056c54a2020ccb7ed78d404eaf5300eef9d3bb
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e26826be1d90b66dc48a6213206948035c71e01ae563f865832cdd21c0e22b5
4fca745d3f4b436a8d0844e039eee0a3190011a0ff93b6419e130f29b2f3a2a4
50274613bb927da5749b3d514a53f39347ca366fcdd607ec175aeb046600beeb
527037923fd160eb4b5d0165bcb1d8fa52f9db8351ed89723adca3307e8396a3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
579e8c01bcc33828befd2b2aae7c1a133c88fd812429a8b149d6aba5a66a08eb
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5b653c66a6b9701e27217c549d9678ac219586835a98dca11c195311f3655e12
5f1a662152c1b181faee3414c71763cfa9108a0bc2c3e0a88e3814c4f9d71e34
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
67a68c65dd7708da52f549e1f6a683a489b4ac88642048263cab710d87501810
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b647025c9c8b33ee711784e3af507f60afcaad55bf467bc08f0d86255178de0
6e723af1b6c5ea3c585ee1c49bc9985c2b4c7d43211940b3d823fcb6a6532ccb
6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd
71f7e73ad4c457a1798ccc762abfefd7bc834784aa66e88e754b963eb148fab7
74f1efa3d7ad20d86931080e5cb06b68160cd77ae6672a90b8594c53074db0ef
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7dcf510131a7c52c09d3a78b4e65cb045c909fa421f84507b1a00030599955fc
7f1d14638b89c3a49a37de5d97c8e1b186beaac96134e515981a83b159c527e0
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84c8c596f2ab6d1a4c04c1b22bf92cf51d05ce97fe2a9f7dfd97d43f99344b8e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b375eea3647816bcb8697ddc8e615eb421ef018e8445d0cee8b9e9a41e27089
8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b
8ee57ff2f42814983b5624caebb138f6c7f51ab9b17ebaf206009cddd76559c0
9240ffa48a0793a624221e13063c5c91d2e3d0098aeb15843f8204f90d74807b
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
97847f516a08bc7fafd91da08af0cba15ff13b9c441b0d5a3d9c0e6b80f4232e
97f7a08ce062e83df992f9ea9c8686c711eb3e0e3160798f6ab81231f88ff28d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a4327f67d2108a8eb72d0217e022889c549dce7220e0df716b83143f14db7c8
9cef62b5bd8de97cc361d574bd2cf3e15554075f5bd78c38973b94ebfa2d3236
9f909af42032398f0f6272959b4f363b75bbfb38161ae35cb86bc5c4dcf70c6b
a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a767d7e7af88326afb37242f2828280a2c930945cb94b636b1f05a0afb634621
a8349fa60c39734b8966833197925b1e8f1f1092902d55ed78d41bd9722bd605
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b630a6f49a2c8d0aca4262527f246c3541c7b4fbe66ebe0920510a46070a509c
ba7bd7aa8944bdbdd47d1a4b41f0ed4dcf3305ca1c7604e55ade72ce36d58fe5
bbf65aabab02c2961fd9fd2afa17c0e1875d606b0a723f25d1d9230b6b84345f
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bd1b3d960f1da4af00a2424d95f6871d1b6676dab2b6004ead2cee27a0c57124
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c7965c0b9e50611209d013c6bca6015aef767673eba8d19d3fb4649af412c491
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c960d7ba8edf923f20c1e7d6736004e9036ac509dd1eb21cf950e3371e231140
cb345087974e8b10c28ae96278bdf7e6dc5bfd1537da2841bb0dd761d6e4f7e6
cb6a13fa6522662107dda9be5efb0743d49d42816e9e67450f795a6c1baf52ad
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
d102c69c2e02cfd878d735d72dced6641b41c8a80f8570e9ceae04e556dfa56d
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d4f0afa8da56e0ca3b2b58a52e70b4349327abb4c27f1f574d2c6048ee1786b3
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d97628fe4c4c653f8374a1cc680c653bdf9b9de221c932a949c7c8da813fd233
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
e04fa415c0eb55bf8e14b81628dfbca829654139b40acbeb3ca4100fa691e5c6
e095005712ab27c28714a52fe9df44ece49717071814bf9961c6f345259aab1c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1322f7f63d3bf0f050c6d8458d80f6890cac737b13df33f016ca8d9e074995b
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e868025497d76bd96caefdeebda2a813be57b5f6703519019f5ef645d4f220a6
e8910962519f383d99626824fa2786320aee3e9048ef32e571d13f5e62a9e704
ecad2fb49f3cbc7c45901b67c81da89c12c107b86818365ed0bc74792c3ce0eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9b9cc8f092102d961d332a8b63553ecf7bbfc65d4a3776eda5e1a67e62976c
f08cd89f44f9d3a9b9ff46ac50838fad579411f0d775c2a49de2da0ab0d192af
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f38926e592669f34623b14f4900e7c3c5b01b87b4a33127adb73a83aad4117a5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fabf96d2afdc683a3ed575f63d3b4ec569b6dfd561d5fd3cf8558c56333bc63a
fe67b66bf78bfe1bbb21447e279ac449cd4a1aa7dd352c1f9f501851583642b1
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3
ff90bf7c4c1116b703c4700c77543fd67218530fdc7e72b747ffa3e18462b06c

www.bookeventz.com Open in urlscan Pro 101.53.132.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Suspicious — 2 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

91 %HTTPS

80 %IPv6

26 Domains

40 Subdomains

36 IPs

4 Countries

3299 kBTransfer

9877 kBSize

14 Cookies

29 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bookeventz.com Open in urlscan Pro
101.53.132.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

91 %
HTTPS

80 %
IPv6

26
Domains

40
Subdomains

36
IPs

4
Countries

3299 kB
Transfer

9877 kB
Size

14
Cookies

184 HTTP transactions
6 data transactions