Submitted URL: https://www.y1hc8.com/cgi-bin/click.pl?cid=nl030920202202&lid=233630&uid=31278334
Effective URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Submission: On September 28 via manual from US — Scanned from DE

Summary

This website contacted 75 IPs in 12 countries across 60 domains to perform 520 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 348660.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.121.69 16509 (AMAZON-02)
2 184.72.244.154 14618 (AMAZON-AES)
47 8.248.115.252 3356 (LEVEL3)
63 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
13 18.203.209.222 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 3 54.85.238.249 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
3 13 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 ()
12 2600:9000:21f... 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
4 2a02:2638:1::4 44788 (ASN-CRITE...)
2 2 35.156.104.29 16509 (AMAZON-02)
5 31 142.250.74.194 15169 (GOOGLE)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
5 7 3.124.238.184 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
3 35.186.253.211 15169 (GOOGLE)
2 3 69.173.144.138 26667 (RUBICONPR...)
3 3 76.223.111.18 16509 (AMAZON-02)
1 6 51.75.86.98 16276 (OVH)
28 2a02:2638::3 44788 (ASN-CRITE...)
4 178.250.2.148 44788 (ASN-CRITE...)
4 2600:9000:21f... 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
11 54.68.149.87 16509 (AMAZON-02)
35 178.250.0.139 44788 (ASN-CRITE...)
8 178.250.0.162 44788 (ASN-CRITE...)
14 2600:9000:20e... 16509 (AMAZON-02)
3 2a02:2638::2 44788 (ASN-CRITE...)
3 66.155.71.149 13768 (COGECO-PEER1)
2 2 54.247.130.124 16509 (AMAZON-02)
4 4 213.155.156.184 1299 (TWELVE99 ...)
2 6 104.18.19.126 13335 (CLOUDFLAR...)
1 1 2600:9000:20e... 16509 (AMAZON-02)
2 2 52.19.188.75 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
3 198.47.127.19 62713 (AS-PUBMATIC)
2 3 72.251.249.9 32475 (SINGLEHOP...)
5 6 18.156.0.31 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
4 4 37.157.3.30 198622 (ADFORM)
1 185.86.137.107 201081 (SMARTADSE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
1 2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 3.220.26.216 14618 (AMAZON-AES)
2 34.192.54.128 14618 (AMAZON-AES)
3 3 185.89.210.153 29990 (ASN-APPNEX)
2 3.226.147.34 14618 (AMAZON-AES)
1 150.136.156.92 31898 (ORACLE-BM...)
1 1 213.19.147.45 26120 (RHYTHMONE)
3 23.35.236.201 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.244.159.8 15169 (GOOGLE)
4 18.156.195.47 16509 (AMAZON-02)
8 185.89.211.116 29990 (ASN-APPNEX)
2 52.28.203.152 16509 (AMAZON-02)
2 198.47.127.22 62713 (AS-PUBMATIC)
2 2600:1f18:612... 14618 (AMAZON-AES)
6 52.29.135.93 16509 (AMAZON-02)
1 8 104.18.18.126 13335 (CLOUDFLAR...)
2 23.205.235.133 16625 (AKAMAI-AS)
2 23.35.236.247 16625 (AKAMAI-AS)
2 151.101.65.108 54113 (FASTLY)
1 2 209.54.182.161 16509 (AMAZON-02)
2 2 135.125.160.160 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.2.49 54113 (FASTLY)
1 52.212.196.36 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
520 75
Apex Domain
Subdomains
Transfer
91 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
1 MB
71 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
pix.eu.criteo.net — Cisco Umbrella Rank: 8597
csm.eu.criteo.net — Cisco Umbrella Rank: 8499
189 KB
64 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
270 KB
47 123g.us
c.123g.us — Cisco Umbrella Rank: 401030
i.123g.us — Cisco Umbrella Rank: 212116
884 KB
41 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 20479
static.avantisvideo.com — Cisco Umbrella Rank: 22333
events1.avantisvideo.com — Cisco Umbrella Rank: 20249
cdn1.avantisvideo.com — Cisco Umbrella Rank: 23754
avm.avantisvideo.com — Cisco Umbrella Rank: 20414
408 KB
28 aniview.com
play.aniview.com — Cisco Umbrella Rank: 15858
player.aniview.com — Cisco Umbrella Rank: 1698
track1.aniview.com — Cisco Umbrella Rank: 1891
go1.aniview.com — Cisco Umbrella Rank: 4757
sync.aniview.com — Cisco Umbrella Rank: 2123
483 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
4 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 282
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
web.ssp.yahoo.com — Cisco Umbrella Rank: 2311
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 866
4 KB
15 123greetings.com
www.123greetings.com — Cisco Umbrella Rank: 348660
s.gk.123greetings.com — Cisco Umbrella Rank: 497909
65 KB
14 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429
htlb.casalemedia.com — Cisco Umbrella Rank: 481
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
11 KB
13 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 428
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 593
43 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
550 KB
12 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12829
ads.eu.criteo.com — Cisco Umbrella Rank: 8466
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10688
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14567
208 KB
11 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
eus.rubiconproject.com — Cisco Umbrella Rank: 557
token.rubiconproject.com — Cisco Umbrella Rank: 667
14 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
218 KB
8 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 647
ads.pubmatic.com — Cisco Umbrella Rank: 457
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431
18 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
4 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
1 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8962
1 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
cdn.indexww.com — Cisco Umbrella Rank: 1368
4 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
2 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4521
1 KB
4 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1519
3 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1470
u.openx.net — Cisco Umbrella Rank: 641
783 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 979
pixel.quantserve.com — Cisco Umbrella Rank: 417
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 573
573 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 376
1 KB
3 gstatic.com
www.gstatic.com
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 2852
20 KB
3 trkn.us
trkn.us — Cisco Umbrella Rank: 2032
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
193 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
843 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
2 KB
2 tremorhub.com
p4dt2-ha1hf.ads.tremorhub.com — Cisco Umbrella Rank: 80548
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 746
r.turn.com — Cisco Umbrella Rank: 3326
869 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
529 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3547
786 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 36740
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 815
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 727
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
89 KB
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 23634
269 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10156
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 479
433 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 537
177 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
243 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1181
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523
584 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2825
104 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 832
75 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 712
441 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
761 B
1
function sub() { [native code] }.
25 KB
1 y1hc8.com
www.y1hc8.com
370 B
0 adotmob.com Failed
sync.adotmob.com Failed
520 60
Domain Requested by
46 tpc.googlesyndication.com googleads.g.doubleclick.net
www.123greetings.com
4d450be1-4a3c-c781-0a78-c7814a3c4d45
cdn.ampproject.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
45 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4d450be1-4a3c-c781-0a78-c7814a3c4d45
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
35 pix.eu.criteo.net ads.eu.criteo.com
31 cm.g.doubleclick.net 5 redirects 4d450be1-4a3c-c781-0a78-c7814a3c4d45
www.123greetings.com
googleads.g.doubleclick.net
28 static.criteo.net ads.eu.criteo.com
26 i.123g.us www.123greetings.com
21 c.123g.us www.123greetings.com
c.123g.us
18 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
4d450be1-4a3c-c781-0a78-c7814a3c4d45
14 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.123greetings.com
13 www.google.com 3 redirects www.123greetings.com
4d450be1-4a3c-c781-0a78-c7814a3c4d45
googleads.g.doubleclick.net
tpc.googlesyndication.com
13 www.googletagservices.com c.123g.us
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
4d450be1-4a3c-c781-0a78-c7814a3c4d45
13 s.gk.123greetings.com c.123g.us
s.gk.123greetings.com
12 track1.aniview.com player.aniview.com
11 player.aniview.com cdn.avantisvideo.com
player.aniview.com
11 events1.avantisvideo.com www.123greetings.com
10 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 ib.adnxs.com player.aniview.com
acdn.adnxs.com
8 csm.eu.criteo.net ads.eu.criteo.com
7 x.bidswitch.net 5 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 prebid-server.rubiconproject.com player.aniview.com
6 ups.analytics.yahoo.com 5 redirects player.aniview.com
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 onetag-sys.com 1 redirects 4d450be1-4a3c-c781-0a78-c7814a3c4d45
player.aniview.com
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.de pagead2.googlesyndication.com
5 partner.googleadservices.com pagead2.googlesyndication.com
4 c2shb.pubgw.yahoo.com player.aniview.com
4 c1.adform.net 4 redirects
4 d5p.de17a.com 4 redirects
4 static.avantisvideo.com cdn.avantisvideo.com
4 secure-gl.imrworldwide.com ads.eu.criteo.com
4 cat.nl.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com 4d450be1-4a3c-c781-0a78-c7814a3c4d45
googleads.g.doubleclick.net
3 ads.pubmatic.com player.aniview.com
3 secure.adnxs.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 ap.lijit.com 2 redirects player.aniview.com
3 image6.pubmatic.com googleads.g.doubleclick.net
ads.pubmatic.com
3 pixel-sync.sitescout.com googleads.g.doubleclick.net
ssum-sec.casalemedia.com
3 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
3 eb2.3lift.com 3 redirects
3 rtb.openx.net 4d450be1-4a3c-c781-0a78-c7814a3c4d45
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 trkn.us 1 redirects www.123greetings.com
3 www.googletagmanager.com www.123greetings.com
www.googletagmanager.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 acdn.adnxs.com player.aniview.com
2 js-sec.indexww.com player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 htlb.casalemedia.com player.aniview.com
2 p4dt2-ha1hf.ads.tremorhub.com player.aniview.com
2 hbopenbid.pubmatic.com player.aniview.com
2 web.ssp.yahoo.com player.aniview.com
2 sync.aniview.com player.aniview.com
2 go1.aniview.com player.aniview.com
2 www.facebook.com 1 redirects connect.facebook.net
2 match.adsrvr.org googleads.g.doubleclick.net
ssum-sec.casalemedia.com
2 cms.quantserve.com googleads.g.doubleclick.net
2 match.360yield.com 2 redirects
2 r.scoota.co 2 redirects
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 pixel.rubiconproject.com 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
2 www.123greetings.com
1 pixel.quantserve.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 sync-tm.everesttech.net ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 u.openx.net player.aniview.com
1 csync.loopme.me player.aniview.com
1 sync.1rx.io 1 redirects
1 sync.technoratimedia.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 dsp.adfarm1.adition.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 s.ad.smaato.net 1 redirects
1 p.rfihub.com 1 redirects
1 rtb.nl.eu.criteo.com 4d450be1-4a3c-c781-0a78-c7814a3c4d45
1 4d450be1-4a3c-c781-0a78-c7814a3c4d45 securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.y1hc8.com 1 redirects
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
520 97
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2
2022-03-01 -
2023-04-02
a year crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2
2022-08-13 -
2023-08-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
gk.123greetings.com
R3
2022-09-18 -
2022-12-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-08 -
2022-10-06
3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2
2022-01-19 -
2023-02-20
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.google.de
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.avantisvideo.com
Amazon
2021-11-24 -
2022-12-22
a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-02 -
2022-11-01
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-03 -
2022-11-05
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-21 -
2022-11-23
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-27 -
2022-12-29
3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-09-27 -
2023-03-22
6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-15 -
2023-09-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-16 -
2023-06-16
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh

This page contains 64 frames:

Primary Page: https://www.123greetings.com/events/rosh_hashanah/happy/
Frame ID: 96999CDE62B3730CCEF0AD7F9159E8B9
Requests: 146 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Frame ID: 55611FE3981003F4A8A1BCFDAC92928B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1664400475&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400475490&bpp=4&bdt=761&idt=331&shv=r20220927&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5669370278883&frm=20&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400476&ga_hid=1951913476&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31069935&oid=2&pvsid=4124693949371190&tmod=1867541146&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: D73DB2EE5A4EAEA706AC6BF658CD3FAC
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3
Frame ID: B45E96783BC9BF5BF16381FC2D19229E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 63F82DD1C6FC58E920504F23AC60FEBD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AADF8F3495B21DFAAAD6BDBFDAB757CB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3419A5567F62C3BFF7490A3DA26B6BC4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2qoiGKyTPhxuCIhso1LgOgtwI-WwYPcBG1Nt72xJmor5zh5KvqnUje9sATQLt3vAxcU4sV-ngfBzpTTzxMkffyXb7MhAe8B0buBuKsqm50iOzntwAr2bTRGoqRsrMvcrp7P6TAs7hZvVN3Q4-7hovc_kkyCYNXSsMYjbnNj47PzbRMiNZ6QYzX6UYPh7KQg_w50XyKjJrMPF4yaWEqASGkJt1WqbvjfULQh07QanPOMsqnpyUK6yxxqDpGvAJrFFL4wvcy9AvVpUJHxq9NWA5m0BkAvdcIl1soNXDkF_ih9Cs9FRrG0ci_OkG0eU6R4sADLhkNuGEqrkZjVdlQeOewgoemQ&sai=AMfl-YSn-l1BZlguKm5VJ10O1HLoGOfRIFF7k1JAXcGonSw0HHg18vZ757tfB8QKEMJ4-pkdkiWNQQ88i_TnNfqawm09rXKbFdYa7KE68ixUhhiiSoCpCDjVjJOvrZt5katMWQ&sig=Cg0ArKJSzCpi8nW54SVVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F87CB62C6C7338736A1888531C9B5F21
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstObkc7gJ0V2NflgDtWvWMMDpG2dKudSM6MJIQ2ZM-MfiHUp5maVfiPKFM-tkBlXg0ZMqe90n_kIk4-jLuEbpNsbHNc0Te1ItmKGc1yYaO6jE4ebzPGzxD53qeG9bYrKhuioxY3KdhbNGiTX6cRXPp9u4Sfl7kBqQTXMCSh-sNH3DTezwSLhnZhkfwcOslv9Ppy7DahB5KasOoCqy5cJKURsghnhSlDx3NLAjxAK9bml6BLh1pS5vAxQ8GYHgkQ3gNbzwpzKRhH5gPTbqc-miWBCRsaMU01cYMAuS8pcyzf90B9cMPxVtd3HUGUftIrUnqXKCdGuS3dujivI8MMTGkt-ODhPJQ3&sai=AMfl-YQljap_xMvw59fjfOz0wmxpaoSfdMHShPDIuABygvS7VQJqPub6vTKHvg0C2WJT1jKxSS6J6XAdKWZqujRk69v0RI9hOIJt0A1WUgd9wXs4-c8Jlft8DiqwryAEjx04PA&sig=Cg0ArKJSzFomXX0QWji2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C065C59803C6CDE09ECE6CA13EFD98B3
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPmvcShqrAD1ejcVK8vkDGS3oOGe5vy0oGla46TDH4KMx49BQ3bKsDoWyQHCvEMvmWfyjc0cJY1WgDgt2MTC-N2vnQ37p0U195KZARsFnZRs83E9QR7264-JRD6qGi_1_lrvFfl9HOK6YDVQcd5M66UHexecqbIZQIE1bKDM9yLF8G9ln_VdxTqw14T9pHv-3rAIH_UManh833SPHLw1ws9OEEpfuYuIQyppgUe9zpIoEeTxO8TkPOicXnIG6y0j8dJvItIA7-XyGtT_Ls_4aJn5Q3MSMf9TAWaySmaPuA4kz6LKc5l-mJ_8K8QhXZ1ngn0SdGXvX28ae5XOoYdaLhFbRQLpgrRs4BCvIt&sai=AMfl-YShWdImxeMBXJGJ-KfCMiuSu8RTCj6z4bng5SMyVMVg152BJ9wKuH8e1mosf8KcA1DYCov1eJxmAQmG-1oRpnJRNIHlosCc-fqUekKJJGMVwDVIOJD3AzRFIgmvICGxMQ&sig=Cg0ArKJSzEo3Pef8lx0YEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B4E11F1C5D72CE97B524E5FB1AE2DB6
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK8GjrPDGSySFgHmHjzqzF_hrc7GK55nBy4qMaas7twqCCAvSTMx8Gx7ZVb-cIdRpzHNcDwENWqz1-D8he98kezUpT3Z9kX9xCezbzxTduYMpygaB9nudBJPqQAewcaONAM1eMs1VNy5Yfn1WqSQs6F-A2RP9r0Di6kBEMUco62w4owIeLWztm5BowyjiRvxiPqCjSecMbDpBFNn6QFg7h95Yg0LrZDpy0oWSdnF4VurKN65IIfuk3VDlDYzO_BM-iFZHLQIzP_jjiZ4y-Dorl1BXp8tcSjjGUACm_0yUVmKX0FNLT7WZ9joBSmRyFDoSGMi6LCVgYwRvnYZmc0p7-AZfqNXf0bY9wgw&sai=AMfl-YRB3I0yNvqlC5SHcGRZDWTd3KcXwIw8Up3IP-3xjmcGVScsXF83kOykgjsSl_5sEVIrEFdUSirN9iGO195ib_AsGaKyKDpDl08Wm9n5CA8ObdqyhnV5aB5rLEjg8H1rGA&sig=Cg0ArKJSzDMpgRbWNopiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8D31C06D05BE501E5C8756814E59A03B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 731380DC9C61EDE03289079A5329D353
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 798FE14C4243CAD68CA79FEB5B5C505C
Requests: 15 HTTP requests in this frame

Frame: uuid-in-package://4d450be1-4a3c-c781-0a78-c7814a3c4d45
Frame ID: F1E93F4CC9D3D072CB30B3454F1C5F84
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb9g9T2OA6E7tmBBjStTiPJpINVjgPbsilCtc7WLpOfXAt0gPzmhcRgpfLzzHzQYi6dGgpi_0o1MAbbm49i6I6jXSRuUkF96p1AU7hv-ttkBFEB7skudffUGuNzkNHQXmFMWRMNV5kWtxe-XB7aA1b67JY3LjvMySeVTWyQ1lYG3ur-0S60wEk4jWHCOBH6Vf49CWEDKhWUR8vHW1kVJLqpfBphn_Fvs88TaQ-cerowampsv5j4YCvMuKTGnkxXjuE7Zoid8zdT_4JgQa0GDuNtSLNhtw2vrtzcWjDy-iNEu747CmnwccfxU0BCfbZB9pplafbOvW8RNS4Wqm0o_oqtV9KePDSnko&sai=AMfl-YT6M9siY_tpslVEBNVWDTsW2-OMedgJIcTzQNU3TRe1p5aIj4z_hDWfGs5FrT6TqbG7w6KATWZB88Ft2nYnCpCnrscVQPUOOkTFXBmALLaEONFK4p4e3HJg2dW8g0MX6g&sig=Cg0ArKJSzJb9i8kU8slEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AFC3C93A4C85FA789A4722133FB2A7F1
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQRWJ_V9QcjKQtwN1k6j5l-VpLKHrXp6B1oOLanUmbBUYAaE8H5aQOmGc7nYfR7eTtkoENLHWkVQTrznZonPR4PLBCBaSsK976dOZsLPdvGVU8hFSsIf1EDE9Bk02ejfLc79UuVmAvfjGfrALabgC0OHFFCz0FmCRFDPaxE9y7tC-OGDm-JrkPA7aRa7IKOhGWUtWPN54Eg3AOjtzuuASEdVN8KpGVKYOb_Fju_ffL2zWR9BN_31bIaW0DtOVTQqKqAHscXq9FmuJt98T4YlkekC-ZkP0ZgyxJpSUCwbWvUjs2zf_UC4_5MYaTGGmRuW1bODU5JxMTpSIwGXSxOo8jdDYH_45iFj1szR-h5kqc6Kk&sai=AMfl-YQWIneiTnRfB4qS4WiSh0AtSr9fOcb1J03Bz5Dj8g_dWTKO0koZDC1NGMv98R7zPJBxaeVQY8DAXh_ysMjqGs48X5uqjUnqLgBs9hbYB-e8FrqmiUUJhfc9rP0tEnQPBQ&sig=Cg0ArKJSzIYr07lOpoL-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3F0AB841DB01F3DE7C055C8B6CC30F9B
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: E1F30213D7F43927DCFC1C7952545427
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FB4FBF55CDF2E12574B62C284B8A4AE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Frame ID: A2485F497081187607582CC2CDC5C785
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Frame ID: CD0DBD0BC5E1CCBD90E4D3FBB22895BD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Frame ID: FAC37C5CE85D4C56F7C4C12A514AB684
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Frame ID: E7448A3D2A5D79278AB2E72E1AD76896
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 6BC16B643FF8DF502C5FC769EE58B684
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 967548990AE4A387486A8187A4A366E0
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 0C6052FB4075D9EE08EECF89490F29AD
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32E0C4A74CA4050BAA725DEA3C853FF0
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 6D6E0BBAC09EAE592996BF5FAFC1D7F6
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11407AE1640984AED5BB153D3F541973
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0AB86713C23F8B69A13EE7ACCB1546C9
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: 8BFFF35AC473DADDA3202800B0A79A51
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB4DBF82D9E585879C812E385C6CA0D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 8778C3ADB15583E00355844322C2C5F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12468999218D3B5F681BC4FF8EEAF483
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDD48D7B15A0CFD2A97480FA58FE5D07
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19a81017f25f1c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff376db61ed7cad4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
Frame ID: 188327D26D463A1938B0AFA3D5AA8938
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B02FCC1FF3C3E8B84F21F31D13A2818
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3708F9A43BA98D2E6DB68EBA47E03140
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDE002B10BC2E95E22CE730D5A212B9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D183BE30FB335902FA7BBB1CCEFD8FC8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E080FA9A246E2FDBC75F4EBC00B7474
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D11F5DBC1FD3E3DDC716CC36080E7E4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CCB49E7A8AEF2A12D91B192DDC4939C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 522C25514126CA9F39BDA919EDAA4093
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 7630BBE1202649FCF26317E8CD59683A
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 1B4F393FCC4CCD49A198A3587B393A24
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=55&key=1043972310513334446
Frame ID: 74EF0218126D771938B4432E90E1AEC9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D18%26key%3D%24UID
Frame ID: AF10B848EE1A0C2DEBFD52984AAD3C6B
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 8BC95231355E2E93B01C35B2CC3BF3BE
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1664400481142-938040147346-007455-009-000192&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 8383CE1970A7D2770F42F94C1B7D6108
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=200&key=OPTOUT
Frame ID: A6B1EDBCE9740AACDD488160F1103DFC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D1%26key%3D
Frame ID: 784536C4FF8F4640D4B6674E3E9D4AF8
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D
Frame ID: F5C06993AB3389FC5CBC845FF769D395
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D23%26key%3D
Frame ID: 3CFFE54107D699B373A8F979B4D4F651
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C4BD0A9A603D6369400F604D9A96A674
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664400481592
Frame ID: 20A4F2A812D3D7A6527027BB60F694AD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 965D03AA43F9F27ECAB82A8B0BFE07B8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4A11507CFC35A841197FFB24574C01BE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: D130862D2E0C1399B009548934BFB7CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: F9F03CFBF1BED8CF66927167375D71F6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664400481523
Frame ID: 9E815A15A57A5D25CD2BE1E5D7E2F052
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7A3AD9B33BB5A2671A172CE8BC8556E2
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 082415005C63F6CFBA41DF5CCEA9CD2A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 701F39DAD6B065FC615A31985245ED21
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E515ADDED4C606CA36475CC50BEAC1A2
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Rosh Hashanah Wishes Cards, Free Rosh Hashanah Wishes | 123 Greetings

Page URL History Show full URLs

  1. https://www.y1hc8.com/cgi-bin/click.pl?cid=nl030920202202&lid=233630&uid=31278334 HTTP 302
    https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm... Page URL
  2. https://www.123greetings.com/events/rosh_hashanah/happy/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

520
Requests

92 %
HTTPS

40 %
IPv6

60
Domains

97
Subdomains

75
IPs

12
Countries

5311 kB
Transfer

13061 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.y1hc8.com/cgi-bin/click.pl?cid=nl030920202202&lid=233630&uid=31278334 HTTP 302
    https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4 Page URL
  2. https://www.123greetings.com/events/rosh_hashanah/happy/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.y1hc8.com/cgi-bin/click.pl?cid=nl030920202202&lid=233630&uid=31278334 HTTP 302
  • https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Request Chain 64
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible&ip=80.255.7.106&cuidchk=1
Request Chain 101
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 162
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APUg1iAbKO22Xdepj2IZ50-B5FZG5H5LzvsZ6Q66w6Tr1FIgCW36EAY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APUg1iAbKO22Xdepj2IZ50-B5FZG5H5LzvsZ6Q66w6Tr1FIgCW36EAY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkF1RnMwV2UxT0RFQjA1&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APUg1iAbKO22Xdepj2IZ50-B5FZG5H5LzvsZ6Q66w6Tr1FIgCW36EAY
Request Chain 163
  • https://um.simpli.fi/gp_match?google_gid=CAESEEuRLcxHr9TWfsCJYFMdQbQ&google_cver=1&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nndqHE98WE5UoEo_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nndqHE98WE5UoEo_
Request Chain 164
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCWAK_TJwJUoL-Oc6R0gVc&google_cver=1&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPCWAK_TJwJUoL-Oc6R0gVc&google_cver=1&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433824675301422&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Request Chain 166
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKH66NRXwzy8Yi2vPq3ljmc&google_cver=1&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-XkkAoPVLr8KOIvpfmX2atLRx5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLODAtMUctNkdYNw==&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-XkkAoPVLr8KOIvpfmX2atLRx5
Request Chain 167
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHNKNKtACdWEM5w39kF1bLM&google_cver=1&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k&google_gid=CAESEHNKNKtACdWEM5w39kF1bLM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k
Request Chain 168
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECWwVPRaBlXWq26VjqvbmZ8&google_cver=1&google_push=AZmPxg8_IpFoV2tgbi8kH5Hd3MTfRvYBJH1ORm_x4mhamiQ2NSkVs_Vj87Q1r0zxkuYCkga0Bpm03_997LtEKbLZBNeS6YRF2qyD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8_IpFoV2tgbi8kH5Hd3MTfRvYBJH1ORm_x4mhamiQ2NSkVs_Vj87Q1r0zxkuYCkga0Bpm03_997LtEKbLZBNeS6YRF2qyD HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 275
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHlG4mWXeqNPIlBjwTvDkg&google_cver=1&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iSnPykOH8 HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b7186ea7-70b7-4f1f-877b-627745966963&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iSnPykOH8&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Request Chain 276
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst
Request Chain 278
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2OHIHkzxWljaLL99Ene66ptVhPXQ5SbdH_-sP33zLxZbUJZF52QiRXni3AJWyK2k HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2OHIHkzxWljaLL99Ene66ptVhPXQ5SbdH_-sP33zLxZbUJZF52QiRXni3AJWyK2k&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&google_nid=index&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2OHIHkzxWljaLL99Ene66ptVhPXQ5SbdH_-sP33zLxZbUJZF52QiRXni3AJWyK2k
Request Chain 279
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAXMkloyyagV3tMYc9AhTIs&google_cver=1&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3bXbI430NIb1ia HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3bXbI430NIb1ia
Request Chain 280
  • https://match.360yield.com/match/ebda?google_gid=CAESEHo1AfInXPODXf0XiZ_6OYY&google_cver=1&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD-ZsxUk HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHo1AfInXPODXf0XiZ_6OYY&google_cver=1&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD-ZsxUk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8qOm3lkSReyZomTeNw3rng&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD-ZsxUk
Request Chain 283
  • https://um.simpli.fi/gp_match?google_gid=CAESEAvKSd7dT_6NGj596ifOlnQ&google_cver=1&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzRvo1UavOBu74U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzRvo1UavOBu74U
Request Chain 284
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A
Request Chain 286
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEEEGy3tcI4tuOmJwSllWFc&google_cver=1&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEEEGy3tcI4tuOmJwSllWFc&google_cver=1&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ&google_hm=FZMnrGZHQbS9_UglRQa9cN6S
Request Chain 287
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFav5DNHbc8dXuLvnhtQrVA&google_cver=1&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-xtHnt_u5CggpFc69V5TWa4HqSd3i_Biy2cVdfH1L-VeM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-xtHnt_u5CggpFc69V5TWa4HqSd3i_Biy2cVdfH1L-VeM
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax681gH3leN62JJwcMC2SyiDH8BL HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax681gH3leN62JJwcMC2SyiDH8BL&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax681gH3leN62JJwcMC2SyiDH8BL
Request Chain 292
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLBJyMUolbxlRwqWHAeDNA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLBJyMUolbxlRwqWHAeDNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQwNzc0OTEzMDg2NzI3ODE0MQ&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLBJyMUolbxlRwqWHAeDNA
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF4r24msCLuFNBEsaUgXZTM&google_cver=1&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD1Qc1iiCqJqpTdPKVsMxkhbX8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLU0QtMUEtRkxCMg==&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD1Qc1iiCqJqpTdPKVsMxkhbX8
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7a1w9Cy8vJRlJYUJM0n_-kZRyA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7a1w9Cy8vJRlJYUJM0n_-kZRyA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7a1w9Cy8vJRlJYUJM0n_-kZRyA
Request Chain 300
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1&google_push=AZmPxg_m8rkMkEDxNngfy6zHj6Go-sI2N-L5l92tEVAb4sYTNa3_qwlWf1p2QNQA5vxCph0rKziq8WaDQv1Lc9xI-2GbsatsEMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzEwMzY5OTQzNjkyMDA1MzExMQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1
Request Chain 303
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENOZuE5gqwyfAJNbukQB3kE&google_cver=1&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368MM_GlShjlyxv0mt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0ODU0NTYyNDc1MjM4ODIzOQ%3D%3D&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368MM_GlShjlyxv0mt
Request Chain 304
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoM5_zMHOEuhuY7bb-Nrgs&google_cver=1&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdFNeFjy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdFNeFjy&google_hm=MjQzODEyNjg2NTY5MTE3Nzg5Ng%3D%3D
Request Chain 305
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI3KaJJyOd-NBlANFosgs HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI3KaJJyOd-NBlANFosgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgxNDIyNDUxNDA1OTI0ODM2MQ&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI3KaJJyOd-NBlANFosgs
Request Chain 381
  • https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19a81017f25f1c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff376db61ed7cad4%26relation%3Dparent.parent&container_width=320&height=287&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F123GreetingsCom&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=320 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19a81017f25f1c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff376db61ed7cad4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
Request Chain 447
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1664400481142-938040147346-007455-009-000192%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=55&key=1043972310513334446
Request Chain 451
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=200&key=OPTOUT
Request Chain 514
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzS8Xw7Qeh2WBexpstRoeQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxBMe1Ey-v0fF1HEHZ6PFo&google_cver=1
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
Request Chain 517
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&dcc=t
Request Chain 518
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
Request Chain 519
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 523
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1043972310513334446
Request Chain 528
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=04b2d0c1-47d8-4d91-a183-365fdb2daf2f
Request Chain 529
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=K6XU03_10oEwptbXKKXK3njyhdcwpteBeKTHLlTe
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1

520 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sweet_and_special_wishes.html
www.123greetings.com/events/rosh_hashanah/happy/
Redirect Chain
  • https://www.y1hc8.com/cgi-bin/click.pl?cid=nl030920202202&lid=233630&uid=31278334
  • https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
235 B
687 B
Document
General
Full URL
https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
890b72ca968db304ff4e5a6ee3314d8a075bb8681dc14f2b6f92232646358064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
10
Cache-Control
max-age=900
Connection
close
Content-Encoding
gzip
Content-Length
190
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 21:27:44 GMT
Expires
Wed, 28 Sep 2022 21:42:44 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/5.4.16
x-frame-options
SAMEORIGIN

Redirect headers

content-length
421
content-type
text/html; charset=iso-8859-1
date
Wed, 28 Sep 2022 21:27:53 GMT
location
https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
server
Apache/2.2.15 (CentOS)
vary
Origin
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-id
zYC-j9iSp459Id4GBVcN0x0seQjPl4iDkwCH51m6wwa_HZbBkHqZIg==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
Primary Request /
www.123greetings.com/events/rosh_hashanah/happy/
35 KB
9 KB
Document
General
Full URL
https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
77b0873d00bb3289e4c879cdff1ec2bbc00d78b74c1f471542f7fd83835523b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
453
Cache-Control
max-age=900
Connection
close
Content-Encoding
gzip
Content-Length
8636
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 21:20:21 GMT
Expires
Wed, 28 Sep 2022 21:35:21 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/5.4.16
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-Powered-By
PHP/5.4.16
sub_categories_R1.css
c.123g.us/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://c.123g.us/css/sub_categories_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:22:16 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373407
ETag
"225f-571586437ea00"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2397
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:09 GMT
chk_script.js
c.123g.us/js2/
1 KB
1 KB
Script
General
Full URL
https://c.123g.us/js2/chk_script.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
0ddeadca43a405855a40c8dae3b1c3335a742811130d425cffd24b2e20ea5ee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 08:09:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 08:07:43 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1171134
ETag
"4d8-5e8b2bd6a9838-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
608
jake_test
Test_Pass
Expires
Thu, 15 Sep 2022 08:24:00 GMT
330623_th.jpg
i.123g.us/c/esep_roshhashanah_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/330623_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
edb6f26c88f87c9c3b52f98a5c0374c67ce02bc88e699481929fcdf7552953b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 01:39:24 GMT
Last-Modified
Mon, 11 Sep 2017 09:58:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1367311
ETag
"1be0-558e6f85b2b00"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7136
jake_test
Test_Pass
Expires
Tue, 13 Sep 2022 01:54:24 GMT
351011_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/351011_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b9ecb189086b8ddaf9322307cbe2dac167d857320c67618a5332164e11cd2e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 10:03:46 GMT
Last-Modified
Wed, 14 Sep 2022 06:39:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1250649
ETag
"1ed3-5e89d63b6ff00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7891
jake_test
Test_Pass
Expires
Wed, 21 Sep 2022 06:52:16 GMT
124767_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/124767_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cd1c6bf12b0e800b1b90367f23f8d99b2885f2bef40754f8bbd5901f95db3fb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 10:31:55 GMT
Last-Modified
Mon, 24 Feb 2014 08:29:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
2458560
ETag
"1f77-4f322c4db8100"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8055
jake_test
Test_Pass
Expires
Sat, 10 Sep 2022 05:13:34 GMT
106542_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/106542_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dcbd132de9d028ea6d2a1d56ddf9cfdbba87004d7079b2f9c0fb8f80a013bc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:52:46 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
124509
ETag
"1bd3-4f323e1e30880"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7123
jake_test
Test_Pass
Expires
Tue, 27 Sep 2022 11:13:27 GMT
119978_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/119978_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a1f435fcfffeaf64e9f04f12caf07a407855ef00c105454714b7d7496224cb87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 08:24:58 GMT
Last-Modified
Mon, 24 Feb 2014 08:29:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1947777
ETag
"1f57-4f322c4db8100"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8023
jake_test
Test_Pass
Expires
Tue, 06 Sep 2022 08:39:58 GMT
121003_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/121003_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9806d62bf84b7ccba77438e9f90e04f7f506a74756b7d0f191ece8f8fd890d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 15:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
2269577
ETag
"1f8a-4f323e1e30880"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8074
Expires
Mon, 12 Sep 2022 12:06:12 GMT
340306_th.jpg
i.123g.us/c/esep_roshhashanah_happy/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/340306_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
791349cd8a337e17caddff1bec07bea42df705ae55139fe376d445fb3b4719ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 16:43:39 GMT
Last-Modified
Sat, 07 Sep 2019 06:27:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
1745056
ETag
"165d-591f0a7908c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5725
jake_test
Test_Pass
Expires
Sat, 10 Sep 2022 07:05:51 GMT
340437_th.jpg
i.123g.us/c/esep_roshhashanah_happy/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/340437_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e99d7592455b586a0fffa37db2a3fb1ddf5f348faaa9a1821932ed8208dbaea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 14:17:39 GMT
Last-Modified
Fri, 27 Sep 2019 13:43:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
112216
ETag
"1deb-5938911bdb040"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7659
jake_test
Test_Pass
Expires
Tue, 27 Sep 2022 14:32:39 GMT
121000_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/121000_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e29b0a4b84bab466325d53d6849b8071d00d0c3d60d974da6c42a2fb89baca2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 11:12:15 GMT
Last-Modified
Mon, 24 Feb 2014 08:29:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1160140
ETag
"1ecf-4f322c4db8100"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7887
Expires
Mon, 19 Sep 2022 19:36:04 GMT
344215_th.gif
i.123g.us/c/esep_roshhashanah_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_roshhashanah_happy/th/344215_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f1be99290ad42ed29430bdb7d2cac4866a648070f3dd626603d07d66b44fc60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 17:32:04 GMT
Last-Modified
Mon, 12 Sep 2022 11:31:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1396551
ETag
"1f9f-5e8793b5a1700"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8095
jake_test
Test_Pass
Expires
Tue, 13 Sep 2022 12:37:50 GMT
cal_block2.gif
i.123g.us/images/special_block/
24 KB
24 KB
Image
General
Full URL
https://i.123g.us/images/special_block/cal_block2.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 07:00:43 GMT
Last-Modified
Tue, 23 Aug 2022 04:50:03 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
829632
ETag
"5fd2-5e6e14c2a9260"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
jake_test
Test_Pass
Expires
Mon, 19 Sep 2022 07:15:43 GMT
319072_ic.gif
i.123g.us/c/birth_happybirthday/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/ic/319072_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d4329aa3e538e1b94cbf5bae1e9fc5b922a9b43586a0fe0c14f6d68658c6651e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 08:52:47 GMT
Last-Modified
Fri, 25 Sep 2015 13:30:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
650108
ETag
"b75-5209258b31a40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2933
jake_test
Test_Pass
Expires
Mon, 26 Sep 2022 14:23:16 GMT
332173_ic.gif
i.123g.us/c/birth_fun/ic/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/birth_fun/ic/332173_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7a1dd1bee7fb2e7ed17e9d3fe95f0cd31207577ab981ff4ebc6ebfb2d88f7c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 17:45:03 GMT
Last-Modified
Tue, 10 Jul 2018 11:10:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1741372
ETag
"f60-570a32da017c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3936
jake_test
Test_Pass
Expires
Fri, 16 Sep 2022 13:48:19 GMT
342903_ic.gif
i.123g.us/c/birth_wishes/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/birth_wishes/ic/342903_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
b44b2ba17533f2e7a05bcce1f4644f24aad90223ab3d443d7db8179259f78a81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 08:49:03 GMT
Last-Modified
Sat, 04 Apr 2020 04:34:24 GMT
Server
Footprint Distributor V6.1.1162
Age
391132
ETag
"afe-5a26f8c643400"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2814
jake_test
Test_Pass
Expires
Mon, 26 Sep 2022 11:25:42 GMT
100906_ic.gif
i.123g.us/c/anniv_wedanniv_couple/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/anniv_wedanniv_couple/ic/100906_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
594eb6310d95df9a0b7d3f647a1a9ba96aff08290fabe13caae3df26eff79056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 10:50:48 GMT
Last-Modified
Mon, 24 Feb 2014 09:35:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
211027
ETag
"b72-4f323b2eb1b80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2930
jake_test
Test_Pass
Expires
Mon, 26 Sep 2022 11:05:48 GMT
333564_ic.jpg
i.123g.us/c/love_iloveyou_general/ic/
3 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/love_iloveyou_general/ic/333564_ic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
b165b9bf964ace149f7ab7968ca7448a65c778edb34837cc5c6dcf89dba49953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 06:48:39 GMT
Last-Modified
Fri, 23 Mar 2018 14:56:47 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1521556
ETag
"d0f-56815a21d89c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3343
jake_test
Test_Pass
Expires
Wed, 14 Sep 2022 02:37:28 GMT
119055_ic.gif
i.123g.us/c/esep_fall_happy/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/esep_fall_happy/ic/119055_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
afff8b457f58eff10d6c36cc20fa2b30479d1ac83c1ccc32f4d83b44b2ba922e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 07:53:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:33 GMT
Server
Footprint Distributor V6.1.1162
Age
308040
ETag
"a50-4f323bfbbbf40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2640
jake_test
Test_Pass
Expires
Wed, 28 Sep 2022 15:04:15 GMT
349580_ic.gif
i.123g.us/c/birth_sonanddaughter/ic/
3 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/birth_sonanddaughter/ic/349580_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bd3ea71142da2f789c88adb1241f941633506f4139287c7e7a67b651d024f8c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 14:58:56 GMT
Last-Modified
Thu, 03 Mar 2022 13:05:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
628139
ETag
"cb9-5d9500f307bc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3257
jake_test
Test_Pass
Expires
Tue, 27 Sep 2022 12:52:27 GMT
104722_ic.gif
i.123g.us/c/esep_fall_thanku/ic/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_fall_thanku/ic/104722_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3e447ddad010867309736734922344a126c573fc8443dd5bd3f5a4d94fbce5b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 10:00:38 GMT
Last-Modified
Wed, 05 Aug 2015 18:32:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1769237
ETag
"ecf-51c94a0333000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3791
Expires
Thu, 08 Sep 2022 10:15:38 GMT
318386_ic.jpg
i.123g.us/c/anniv_anniversaryetc/ic/
25 KB
26 KB
Image
General
Full URL
https://i.123g.us/c/anniv_anniversaryetc/ic/318386_ic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2b5d7d9ce81b9e387c1aedc4b12c6f084f3ec0cc4c8da0ed9719670425522b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 07:42:05 GMT
Last-Modified
Fri, 07 Aug 2015 06:12:38 GMT
Server
Apache/2.2.15 (CentOS)
Age
1950350
ETag
"65de-51cb285cb4180"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26078
jake_test
Test_Pass
Expires
Tue, 06 Sep 2022 07:57:05 GMT
346130_ic.gif
i.123g.us/c/gen_thinkingofyou/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/gen_thinkingofyou/ic/346130_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
c4e4bb8fadc43078cdaa7cf5724af61540fddfeffe414b4ab817655f532e2cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:01:13 GMT
Last-Modified
Wed, 03 Mar 2021 10:23:12 GMT
Server
Footprint Distributor V6.1.1162
Age
437202
ETag
"c4f-5bc9f3cf40400"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3151
jake_test
Test_Pass
Expires
Wed, 28 Sep 2022 08:00:15 GMT
342901_ic.gif
i.123g.us/c/birth_hubbywife/ic/
3 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/birth_hubbywife/ic/342901_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f77932c1ed84c66e07cf14f8ed43a283d3499660202b34ebf58015284e581359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 09 Sep 2022 08:36:52 GMT
Last-Modified
Sat, 10 Apr 2021 06:13:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1687863
ETag
"d44-5bf982ee13a80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3396
jake_test
Test_Pass
Expires
Mon, 12 Sep 2022 12:16:10 GMT
103931_ic.gif
i.123g.us/c/esep_allangelsday/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/esep_allangelsday/ic/103931_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3c9fcd410ceee4d62d9fa2a46f8726de356198cd30fa4a75e9651ffe9cdd932e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 12:13:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2452464
ETag
"a23-4f323c5fdeb80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2595
jake_test
Test_Pass
Expires
Sat, 10 Sep 2022 06:31:00 GMT
342729_ic.gif
i.123g.us/c/gen_getwell/ic/
3 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/gen_getwell/ic/342729_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c4918e6af5917966e527eee504092a007b9349ba77534848c429d398920879a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:39:24 GMT
Last-Modified
Mon, 23 Mar 2020 09:16:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
445711
ETag
"d6f-5a18218982d80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3439
jake_test
Test_Pass
Expires
Wed, 28 Sep 2022 15:04:15 GMT
100772_ic.gif
i.123g.us/c/anniv_ouranniversary_forher/ic/
3 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/anniv_ouranniversary_forher/ic/100772_ic.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a9d6baab9178d7fbea56932b81a5420d4f2af1934b4b68c308c36a23b01187ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 06:38:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1954157
ETag
"bda-4f323d9e65b00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3034
jake_test
Test_Pass
Expires
Tue, 06 Sep 2022 06:53:39 GMT
338229_ic.jpg
i.123g.us/c/birth_bronsis/ic/
2 KB
3 KB
Image
General
Full URL
https://i.123g.us/c/birth_bronsis/ic/338229_ic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f19832ec7013ef8e12311af7dec902f65f4346586c79c61fb7277a5a56173f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 17:10:36 GMT
Last-Modified
Thu, 28 Mar 2019 13:37:16 GMT
Server
Apache/2.2.15 (CentOS)
Age
361039
ETag
"973-58527a7069b00"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2419
jake_test
Test_Pass
Expires
Sat, 24 Sep 2022 17:25:36 GMT
jquery-1.11.1.js
c.123g.us/js2/
94 KB
94 KB
Script
General
Full URL
https://c.123g.us/js2/jquery-1.11.1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:09 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373406
ETag
"1762e-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95790
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:09 GMT
jquery-migrate-1.2.1.min.js
c.123g.us/js2/
7 KB
8 KB
Script
General
Full URL
https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:45 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373370
ETag
"1cb3-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7347
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:45 GMT
swfobject.js
c.123g.us/js2/
10 KB
10 KB
Script
General
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:56 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373419
ETag
"261f-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9759
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 11:48:22 GMT
123g_utils_v1.js
c.123g.us/js2/
124 KB
30 KB
Script
General
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
ddafcb62dd9406b687b84fe105a65220cfd60685bcf93cbcd092071368b4dde1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 10:11:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 10:10:37 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1163777
ETag
"1ee62-5e8b474ef84a5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30746
jake_test
Test_Pass
Expires
Thu, 15 Sep 2022 10:26:57 GMT
utilsopt.js
c.123g.us/js2/
22 KB
7 KB
Script
General
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 06:29:30 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Sep 2022 06:43:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Age
1436305
ETag
"57b2-5e7c029e2b0e5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
Expires
Mon, 12 Sep 2022 06:44:30 GMT
123g_subcategory_opt.js
c.123g.us/js2/
9 KB
3 KB
Script
General
Full URL
https://c.123g.us/js2/123g_subcategory_opt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 12:15:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373405
ETag
"2257-5afe5ec74c340"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:10 GMT
rakpanel.js
c.123g.us/js2/
3 KB
2 KB
Script
General
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373420
ETag
"d4c-57300e738b200"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:56 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/
20 KB
20 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:42 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373433
ETag
"4ec6-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20166
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
162 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
162c160474f788f2c92dcbd6c6a1435069cbd5598b22053d4987b6f8d3537490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57799
x-xss-protection
0
server
cafe
etag
15177586270470904383
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:55 GMT
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
334cd7dafed92e911bb67b44c45ab69242b70b6de637231dd3ef2e11933cbdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42326
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Sep 2022 21:27:55 GMT
js
www.googletagmanager.com/gtag/
220 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a896949b879ec4b203ca192d39ea0750e5643eb26c24026b3978409fc9c10fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77306
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Sep 2022 21:27:55 GMT
styleopt_R1.css
c.123g.us/css/
81 KB
16 KB
Stylesheet
General
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2022 05:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373439
ETag
"14218-5df6a8f0bdcc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16272
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:06 GMT
modal_window_R1.css
c.123g.us/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/sub_categories_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:38:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373416
ETag
"8220-5a7b79c425580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:59 GMT
clear.js
s.gk.123greetings.com/2/945541/
6 KB
3 KB
Script
General
Full URL
https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1cfe5746107715b9c9a66f5c836d63f0422ee6958122238b8c7672555dc7d3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:27:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2651
Expires
0
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e402b1dd181178b6adc34088ffc64b62538a199d9036ac64242d4c06bc45078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 21:27:55 GMT
content-md5
F0LVcfMg+TQwhQFWCtvPoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
JmjKDvHhEL4MtIAXFAFrok6YgGgO2bmKyIrW57br0Xwvnc9eTDbKxa3OpaVYwQfuaL8dSOCfL9WDlXLHo3Q+Uw==
x-fb-trip-id
917726464
x-fb-content-md5
09a90dd05298a28a57cb35a5af14b296
cross-origin-opener-policy
same-origin-allow-popups
etag
"c61f61bf7baa4669c4cfa2f9a1dafc86"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 28 Sep 2022 21:47:28 GMT
123g_master_bg.png
c.123g.us/images/
145 B
501 B
Image
General
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373439
ETag
"91-54a227b81c940"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
master_img_menu.png
c.123g.us/images/
6 KB
6 KB
Image
General
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:46 GMT
Last-Modified
Wed, 15 Jun 2022 10:44:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373369
ETag
"1861-5e17a33733040"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:46 GMT
icon_set_R1.png
c.123g.us/images/
139 KB
140 KB
Image
General
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Fri, 20 May 2022 05:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373439
ETag
"22ca6-5df6a8f0bdcc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142502
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
big_img_sprite.png
c.123g.us/images/
134 KB
134 KB
Image
General
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:10 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373405
ETag
"21653-5924300b6d700"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:10 GMT
master_icon_set_2.png
c.123g.us/images/
88 KB
88 KB
Image
General
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:57 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373418
ETag
"15fce-5d80a1da24680"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:57 GMT
123g_master_icon_set_2.png
c.123g.us/images/
60 KB
61 KB
Image
General
Full URL
https://c.123g.us/images/123g_master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:36 GMT
Last-Modified
Tue, 15 Feb 2022 08:14:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373439
ETag
"f1d2-5d80a1da24680"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61906
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:36 GMT
request.js
trkn.us/info/
2 KB
1 KB
Script
General
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.238.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-238-249.compute-1.amazonaws.com
Software
Apache /
Resource Hash
cebb1c8b29feaaaeaeb983ccad9be8715180f2f571948c7aee4561300d0377eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:27:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
732
Expires
Sun, 01 Jan 2014 00:00:00 GMT
addressbook.js
c.123g.us/js2/
401 KB
76 KB
Script
General
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:10:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 06:15:37 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373421
ETag
"64550-5e5b4be87d440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77410
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:25:54 GMT
closeBtn_h.png
c.123g.us/images/
1 KB
1 KB
Image
General
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:00 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373415
ETag
"42a-54a227b6344c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:00 GMT
sdk.js
connect.facebook.net/en_US/
319 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=90fcc18e246f5340154aff0e704df1c4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4840511cdcf8c894618035291b786c078e11685f171c40da36a38b4423bbfc5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
Origin
https://www.123greetings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 21:27:55 GMT
content-md5
PMqZZaqvphpj9oNqCjsKew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88833
x-fb-rlafr
0
x-fb-debug
aAY8O7hO6TyWGtR+fVK17Lao0OyTKgkB0r5SK/pT7jQwpRqxzeYCUwUJw30hQpJXvifRzj+eovOhk+zCUieuNQ==
x-fb-content-md5
9aab4dacbeb319e33f236b79e1dcc496
cross-origin-opener-policy
same-origin-allow-popups
etag
"c56c714fdfd2ec049472332acc63a84d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Sep 2023 19:49:53 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 21:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
718
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Wed, 28 Sep 2022 23:15:57 GMT
js
www.googletagmanager.com/gtag/
220 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2ff63f739cbf706608bc4e5445db4f91b4cad9cb7eba820904708add8e50da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77421
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Sep 2022 21:27:55 GMT
connect_config.js
c.123g.us/js2/
203 B
565 B
Script
General
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.115.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 10:11:16 GMT
Last-Modified
Wed, 15 Jun 2022 10:42:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2373399
ETag
"cb-5e17a2e52eec0"
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203
jake_test
Test_Pass
Expires
Thu, 01 Sep 2022 10:26:18 GMT
collect
region1.google-analytics.com/g/
0
350 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-47Q5QDHYDP&gtm=2oe9q0&_p=1951913476&cid=92393879.1664400475&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664400475&sct=1&seg=0&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dr=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&dt=Rosh%20Hashanah%20Wishes%20Cards%2C%20Free%20Rosh%20Hashanah%20Wishes%20%7C%20123%20Greetings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1951913476&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ul=en-us&de=UTF-8&dt=Rosh%20Hashanah%20Wishes%20Cards%2C%20Free%20Rosh%20Hashanah%20Wishes%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1235101319&gjid=1299787983&cid=92393879.1664400475&tid=UA-5085183-1&_gid=1673547802.1664400475&_r=1&gtm=2ou9q0&z=1661750545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/
348 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1d623ed9cef6e07eb820b3e52ad4c9c37b2446284d40913a0d8cb5bf4b4d90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125663
x-xss-protection
0
server
cafe
etag
13996928817613714732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/ Frame 5561
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7799
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 19:17:56 GMT
etag
9671129459699598864
expires
Wed, 12 Oct 2022 19:17:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-5085183-1&cid=92393879.1664400475&jid=1235101319&gjid=1299787983&_gid=1673547802.1664400475&_u=YADAAUAAAAAAAC~&z=1152627840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Sep 2022 21:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?oz_pl=1&pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:55 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.gk.123greetings.com/2/2.69.3/
161 KB
51 KB
Script
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/main.js
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b4e9bb364cfe712a37907bbb9c3c7ebecf4ab20319b7f7dfbf562df557b37ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 21:27:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
51582
Expires
Sat, 06 Jun 2054 07:04:40 GMT
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible&ip=80.255.7.106&cuidchk=1
42 B
780 B
Image
General
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible&ip=80.255.7.106&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
HTTP/1.1
Server
54.85.238.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-238-249.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:27:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Wed, 28 Sep 2022 21:27:55 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8751111294.802567&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&dvis=visible&ip=80.255.7.106&cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
cookie.js
partner.googleadservices.com/gampad/
220 B
647 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61caf66449ca54ddc6675872cc9ba130904ac594eab1c74d3472d64517859631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D73D
129 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1664400475&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400475490&bpp=4&bdt=761&idt=331&shv=r20220927&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5669370278883&frm=20&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400476&ga_hid=1951913476&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31069935&oid=2&pvsid=4124693949371190&tmod=1867541146&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4305820c2591d929e5192c467fe383be8991c9fc5e87181b65e001abb5ac825f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32926
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:56 GMT
expires
Wed, 28 Sep 2022 21:27:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?oz_pl=1&pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&_x=1
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:55 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400475916&oz_l=311&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:55 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3
https://www.123greetings.com/ Frame B45E
185 B
0
Other
General
Full URL
blob:https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476081&oz_l=5728&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:55 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gpt.js
www.googletagservices.com/tag/js/
80 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27722
x-xss-protection
0
server
sffe
etag
"1348 / 948 of 1000 / last-modified: 1664363254"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Sep 2022 21:27:56 GMT
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476254&oz_l=5157&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476410&oz_l=998&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 09:15:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 09:15:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
655 B
883 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d07aac18bd7e8a933058bc7ba424813cf1c8d40880ec10bcafd14756f8d6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:56 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/
151 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/reactive_library_fy2021.js?bust=31069935
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc1981831ba76df8cb616fa4e7dfe2fadf9e2fde70c109529029fcc9dbfc277d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55035
x-xss-protection
0
server
cafe
etag
2760252822280131244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:56 GMT
f1e3ccae-1490-42e6-96da-2767b26799a5
https://www.123greetings.com/
787 B
0
Other
General
Full URL
blob:https://www.123greetings.com/f1e3ccae-1490-42e6-96da-2767b26799a5
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77399296691c176b2662c8f2d586947fdf80650b221750e0bbb7200fd5ae9f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length
787
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476566&oz_l=655&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/ Frame 63F8
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 00:40:16 GMT
etag
9671129459699598864
expires
Wed, 12 Oct 2022 00:40:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
0
36 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4124693949371190&correlator=3249734998731139&wbsu=e61dfc3f-73dc-4c7d-9435-581d44bcb115&callback=googletag.wbn1&eid=44761478%2C31069953&output=wbn&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_SubCategory_LB%2CDesktopWeb_SubCategory_Mrec%2CDesktopWeb_SubCategory_SecondMrec%2CDesktopWeb_SubCategory_LowerMrec%2CDesktopWeb_SubCategory_BottomLrec%2CDesktopWeb_SubCategory_BottomSecondLrec%2CDesktopWeb_SubCategory_LowerLB%2CDesktopWeb_SubCategory_Video%2CDesktopWeb_SubCategory_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&ifi=3&adks=3914305483%2C1127719608%2C4293624944%2C3694362538%2C3926068587%2C1178609660%2C2276923048%2C933155397%2C4230775942&sfv=1-0-38&fsapi=false&cust_params=site%3D123greetings.com%26section%3Desep_roshhashanah_happy%26page%3Dsubcategory&sc=1&cookie=ID%3D882ba1a421662b8a-2237a88d33ce0044%3AT%3D1664400475%3ART%3D1664400475%3AS%3DALNI_MaQUZEVbYkOFyaF-7nSz4K8EQ8Hqw&abxe=1&dt=1664400476647&lmt=1664400476&dlt=1664400474730&idt=1845&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1870%2C2152%2C2434%2C2722%2C2916%2C1157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&frm=20&vis=1&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x2896%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&ga_vid=92393879.1664400475&ga_sid=1664400476&ga_hid=1951913476&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37067
x-xss-protection
0
google-lineitem-id
5292193851,5293205434,4675581572,237051735,-1,-1,-1,5501288042,5461263814
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302591891,138302527698,138233506852,99278132415,-1,-1,-1,138326033967,138321279906
content-type
application/webbundle
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e61dfc3f-73dc-4c7d-9435-581d44bcb115
/
236 KB
237 KB
Script
General
Full URL
uuid-in-package:e61dfc3f-73dc-4c7d-9435-581d44bcb115
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
UUID-IN-PACKAGE
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3e73b1ac7e751096c41463a2cc193711a0dc83ebc4e31c323b9ce5c0cad6add
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
css2
fonts.googleapis.com/ Frame 63F8
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Sep 2022 21:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 21:11:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Sep 2022 21:27:56 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63F8
205 B
742 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:21:45 GMT
x-content-type-options
nosniff
age
3971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Sep 2023 20:21:45 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63F8
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:10:21 GMT
x-content-type-options
nosniff
age
1055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Sep 2023 21:10:21 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame 63F8
19 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8220
x-xss-protection
0
server
cafe
etag
2919620596669342719
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 19:38:46 GMT
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476727&oz_l=6392&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
css
fonts.googleapis.com/ Frame AADF
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 21:05:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Sep 2022 21:27:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame AADF
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:05:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame AADF
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:17:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame AADF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame AADF
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AADF
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame AADF
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 05:24:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Dec 2022 11:48:40 GMT
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400476881&oz_l=2027&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:27:56 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3419
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3419
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 21:27:57 GMT
expires
Wed, 28 Sep 2022 21:27:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:57 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F87C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2qoiGKyTPhxuCIhso1LgOgtwI-WwYPcBG1Nt72xJmor5zh5KvqnUje9sATQLt3vAxcU4sV-ngfBzpTTzxMkffyXb7MhAe8B0buBuKsqm50iOzntwAr2bTRGoqRsrMvcrp7P6TAs7hZvVN3Q4-7hovc_kkyCYNXSsMYjbnNj47PzbRMiNZ6QYzX6UYPh7KQg_w50XyKjJrMPF4yaWEqASGkJt1WqbvjfULQh07QanPOMsqnpyUK6yxxqDpGvAJrFFL4wvcy9AvVpUJHxq9NWA5m0BkAvdcIl1soNXDkF_ih9Cs9FRrG0ci_OkG0eU6R4sADLhkNuGEqrkZjVdlQeOewgoemQ&sai=AMfl-YSn-l1BZlguKm5VJ10O1HLoGOfRIFF7k1JAXcGonSw0HHg18vZ757tfB8QKEMJ4-pkdkiWNQQ88i_TnNfqawm09rXKbFdYa7KE68ixUhhiiSoCpCDjVjJOvrZt5katMWQ&sig=Cg0ArKJSzCpi8nW54SVVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F87C
113 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
644bd33d6e377a922ccefb30a36ed9ee7a0cd81bf45db43cb72a754381a0c202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40192
x-xss-protection
0
server
cafe
etag
5246164567426941269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F87C
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C065
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstObkc7gJ0V2NflgDtWvWMMDpG2dKudSM6MJIQ2ZM-MfiHUp5maVfiPKFM-tkBlXg0ZMqe90n_kIk4-jLuEbpNsbHNc0Te1ItmKGc1yYaO6jE4ebzPGzxD53qeG9bYrKhuioxY3KdhbNGiTX6cRXPp9u4Sfl7kBqQTXMCSh-sNH3DTezwSLhnZhkfwcOslv9Ppy7DahB5KasOoCqy5cJKURsghnhSlDx3NLAjxAK9bml6BLh1pS5vAxQ8GYHgkQ3gNbzwpzKRhH5gPTbqc-miWBCRsaMU01cYMAuS8pcyzf90B9cMPxVtd3HUGUftIrUnqXKCdGuS3dujivI8MMTGkt-ODhPJQ3&sai=AMfl-YQljap_xMvw59fjfOz0wmxpaoSfdMHShPDIuABygvS7VQJqPub6vTKHvg0C2WJT1jKxSS6J6XAdKWZqujRk69v0RI9hOIJt0A1WUgd9wXs4-c8Jlft8DiqwryAEjx04PA&sig=Cg0ArKJSzFomXX0QWji2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C065
96 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
955c4fc386809574331c34dcdaf67e63bca3c88804e4228fb4e5a750ff2ea254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35967
x-xss-protection
0
server
cafe
etag
424352370590802352
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C065
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7B4E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPmvcShqrAD1ejcVK8vkDGS3oOGe5vy0oGla46TDH4KMx49BQ3bKsDoWyQHCvEMvmWfyjc0cJY1WgDgt2MTC-N2vnQ37p0U195KZARsFnZRs83E9QR7264-JRD6qGi_1_lrvFfl9HOK6YDVQcd5M66UHexecqbIZQIE1bKDM9yLF8G9ln_VdxTqw14T9pHv-3rAIH_UManh833SPHLw1ws9OEEpfuYuIQyppgUe9zpIoEeTxO8TkPOicXnIG6y0j8dJvItIA7-XyGtT_Ls_4aJn5Q3MSMf9TAWaySmaPuA4kz6LKc5l-mJ_8K8QhXZ1ngn0SdGXvX28ae5XOoYdaLhFbRQLpgrRs4BCvIt&sai=AMfl-YShWdImxeMBXJGJ-KfCMiuSu8RTCj6z4bng5SMyVMVg152BJ9wKuH8e1mosf8KcA1DYCov1eJxmAQmG-1oRpnJRNIHlosCc-fqUekKJJGMVwDVIOJD3AzRFIgmvICGxMQ&sig=Cg0ArKJSzEo3Pef8lx0YEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7B4E
113 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f89e0b3ce8f1d125cc6d50f1225c9fbd6afd106ebcc0aa08994e453bdbfdd67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40196
x-xss-protection
0
server
cafe
etag
3862092120325486455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B4E
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8D31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK8GjrPDGSySFgHmHjzqzF_hrc7GK55nBy4qMaas7twqCCAvSTMx8Gx7ZVb-cIdRpzHNcDwENWqz1-D8he98kezUpT3Z9kX9xCezbzxTduYMpygaB9nudBJPqQAewcaONAM1eMs1VNy5Yfn1WqSQs6F-A2RP9r0Di6kBEMUco62w4owIeLWztm5BowyjiRvxiPqCjSecMbDpBFNn6QFg7h95Yg0LrZDpy0oWSdnF4VurKN65IIfuk3VDlDYzO_BM-iFZHLQIzP_jjiZ4y-Dorl1BXp8tcSjjGUACm_0yUVmKX0FNLT7WZ9joBSmRyFDoSGMi6LCVgYwRvnYZmc0p7-AZfqNXf0bY9wgw&sai=AMfl-YRB3I0yNvqlC5SHcGRZDWTd3KcXwIw8Up3IP-3xjmcGVScsXF83kOykgjsSl_5sEVIrEFdUSirN9iGO195ib_AsGaKyKDpDl08Wm9n5CA8ObdqyhnV5aB5rLEjg8H1rGA&sig=Cg0ArKJSzDMpgRbWNopiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8D31
113 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5fb2f28253ac793314415bc1e1c28e77b08ba8a2e8a931db30e8ee36b142adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40192
x-xss-protection
0
server
cafe
etag
17275684965583746517
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D31
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 7313
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 7313
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 7313
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 16:38:30 GMT
age
190167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 16:38:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 7313
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 7313
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
truncated
/ Frame 7313
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc4c6d8d147745b8e438b7e5e6b6a1dac8cc3cf2d253cf9c3bba8f0d9b1803e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 798F
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
etag
"b9e6b1d3ca7cc68d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 798F
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"dcaf3864e0ab6b08"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 798F
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 16:38:30 GMT
age
190167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"95b4b320f7966d1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 16:38:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 798F
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
etag
"5561dff7c028bd87"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 798F
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Sep 2022 17:08:56 GMT
age
188341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
etag
"00747b471d2f1a24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 17:08:56 GMT
truncated
/ Frame 798F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd9d59ff4c8e5811cb254f6eb3e933389b4b19b15a7e5b82ab60f449ecc75c52

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
4d450be1-4a3c-c781-0a78-c7814a3c4d45
/ Frame F1E9
25 KB
25 KB
Document
General
Full URL
uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
UUID-IN-PACKAGE
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36068a5436fcbd3405d7397e52847f1685a9c3e7405fd539bed3a4900be2bf7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
view
securepubads.g.doubleclick.net/pcs/ Frame AFC3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb9g9T2OA6E7tmBBjStTiPJpINVjgPbsilCtc7WLpOfXAt0gPzmhcRgpfLzzHzQYi6dGgpi_0o1MAbbm49i6I6jXSRuUkF96p1AU7hv-ttkBFEB7skudffUGuNzkNHQXmFMWRMNV5kWtxe-XB7aA1b67JY3LjvMySeVTWyQ1lYG3ur-0S60wEk4jWHCOBH6Vf49CWEDKhWUR8vHW1kVJLqpfBphn_Fvs88TaQ-cerowampsv5j4YCvMuKTGnkxXjuE7Zoid8zdT_4JgQa0GDuNtSLNhtw2vrtzcWjDy-iNEu747CmnwccfxU0BCfbZB9pplafbOvW8RNS4Wqm0o_oqtV9KePDSnko&sai=AMfl-YT6M9siY_tpslVEBNVWDTsW2-OMedgJIcTzQNU3TRe1p5aIj4z_hDWfGs5FrT6TqbG7w6KATWZB88Ft2nYnCpCnrscVQPUOOkTFXBmALLaEONFK4p4e3HJg2dW8g0MX6g&sig=Cg0ArKJSzJb9i8kU8slEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame AFC3
32 KB
11 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 13:07:50 GMT
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
30008
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
PSaKgRXxh_pIIGB8sDwVXuUyB4P5IDDH3kcIbcuS9FcsTqxpdct_bw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AFC3
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F0A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQRWJ_V9QcjKQtwN1k6j5l-VpLKHrXp6B1oOLanUmbBUYAaE8H5aQOmGc7nYfR7eTtkoENLHWkVQTrznZonPR4PLBCBaSsK976dOZsLPdvGVU8hFSsIf1EDE9Bk02ejfLc79UuVmAvfjGfrALabgC0OHFFCz0FmCRFDPaxE9y7tC-OGDm-JrkPA7aRa7IKOhGWUtWPN54Eg3AOjtzuuASEdVN8KpGVKYOb_Fju_ffL2zWR9BN_31bIaW0DtOVTQqKqAHscXq9FmuJt98T4YlkekC-ZkP0ZgyxJpSUCwbWvUjs2zf_UC4_5MYaTGGmRuW1bODU5JxMTpSIwGXSxOo8jdDYH_45iFj1szR-h5kqc6Kk&sai=AMfl-YQWIneiTnRfB4qS4WiSh0AtSr9fOcb1J03Bz5Dj8g_dWTKO0koZDC1NGMv98R7zPJBxaeVQY8DAXh_ysMjqGs48X5uqjUnqLgBs9hbYB-e8FrqmiUUJhfc9rP0tEnQPBQ&sig=Cg0ArKJSzIYr07lOpoL-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/sweet_and_special_wishes.html?utm_source=img1&utm_medium=newsletter&utm_campaign=Sept22_nl_wk4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame 3F0A
32 KB
11 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 13:07:50 GMT
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
30008
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tAfBeELTd9npqMl3Go_5cG2ukw3wxDGz0MqRdCoXqlb-KkCEAr5tsw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F0A
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
7715149523900090432
tpc.googlesyndication.com/simgad/ Frame 7313
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7715149523900090432?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn6oBbQBGqIaSILY9k0kovAk4MFiQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1e3dbb8b498c8f65ed22dcf127a9c1bb2ae2b506d1dd85e2353e45f06c3bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 00:25:36 GMT
x-content-type-options
nosniff
age
421341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40755
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 10:10:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Sep 2023 00:25:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7313
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41799
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7313
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41799
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
l
www.google.com/ads/measurement/ Frame 7313
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGXTGkCsFsHzkDeLbpDewRr_TBMe0MhO2Xgf-T6hFAttKEfigu193sLfEnbKSMj69sFIjRzBRJbINjGoDTZTh9qaNc_w
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 7313
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT_IxXLw0Y8DlLeKB7_UPvbaliAOA3KzXbK-ns_GlEMCBkOS0LxABIO_2kCFglfrwgYwHoAH0xJCfAsgBAuACAKgDAcgDCKoEkQJP0FlKWbHEpjmUQ3Dq6ZTYu3JG6-jstpqpIvAAWQESX9f8apTjjWS7qiLlWtohEY0x4VmBSNZl8A_eOEyMN9mfCtqu1yeFnPTQ_6M9qlm5QRc9njH-0RhTAe5G6FVsNTBYoyoiVWurwqgd26ezhNqxLP5vsBtLZVNTRQKrbOJLDLrbX6OKDn4ZxK14nMuARGbM4q8337eveKETNHS-28qzTKNXgMPIFO43KHmxfsXXPP52mJvvtT3_ydIv6bF-z2J0npLvDjaa258lUjc2G8wjpw5m50tmhEBXsrPiQTXmWGI4nqdbInoyFJYzRKxDksErZydKlSYSsGrsC5OPEKoeLMBszg_KDV3gJ7dyQz9OAUzABLvivJ34A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfEpvLgAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOidA9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTQ2Mjc1MTc2ODAyNDk2NzAY_9cX&sigh=5A4IXnH_Oq0&uach_m=[UACH]
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

11744364027285692477
tpc.googlesyndication.com/simgad/ Frame 798F
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11744364027285692477?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkfaCtjuOXk15b6tHzSfOeSRPUU9g
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc14bcdb558e2e685e0680e09f65b7a34bbb50fc5138c5bfe86693c28a17e689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 07:55:04 GMT
x-content-type-options
nosniff
age
567173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17077
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 13:03:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 07:55:04 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 798F
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41799
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 798F
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41799
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
l
www.google.com/ads/measurement/ Frame 798F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReMk_YAfk6y_1N4dsULdnsPxp5yLRZMPeEPycfVnaXuFUq0JldfhUBlCXZD5-Lov4lk-Heon_dQCzlN6I9o10CmlIteQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 798F
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C28wAXLw0Y8zmLeKB7_UPvbaliAPKxfX5a4jokbn2DqfW_fGhERABIIXskgJglfrwgYwHoAGT-77fA8gBAuACAKgDAcgDCKoEkQJP0ABT3gsUx5pJrPz2yBTcl2FOjgbcl27eicYKsBuaZfaPXCWOm73T99vH5zQD0dms9DLlJ1Vqai0x66KDEdCT6WuV5bLPBXUNDBXtv9icUux4c4PRqb1i8iZRigTPuo0vsJvqpw7JPLpdmrRt_H1X8_RyE4uoOsdoniw6G1nJNcNNdUIYWaNKi1Sv-moWokU2yPURs2823qpeJAQrTPlNPyJ6F1QKfBt7QVbTUZZTe66984We4Fe7DTxwh1efxGTDXh4hYyOKXXD7GMMWfxW_G-oAFWEC1aEwhwE-iOO5nSncyFOsHCVdZqKNrnUm1qyWffujP3cchcnThXTeJIku_kqZUQekSDB5oapzAA6WrtPABP7Np7mVA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfVhMEgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqYAD0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItODI3NTMwMjEwNzY5MzY2NBj_1xc&sigh=ZFJFlcLuZfk&uach_m=[UACH]
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F1E9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame F1E9
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
l
www.google.com/ads/measurement/ Frame F1E9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSB68w7n326bIjdQoFc29H7OCIB4fUTsMUvsCan3EKEStDDb9Ap8jtgEytyN93Onjzr4mbJ7rz6d5Ss-jC1pF2NwzvRWQ
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F1E9
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 11:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Sep 2023 11:14:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F1E9
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F1E9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClH2WXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoElQJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDAQTVkzAJDY5cSdJVIjsNDyFZAXXNm16OSWcCcPFlCOfXZM1UjPT4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjI3NTE3NjgwMjQ5NjcwGP_XFw&sigh=CmFkzztyGsk&uach_m=[UACH]&cid=CAQSPACsnQUx5kMvxs3su4G7n-u2fA-ZkeTLu3hnHrHsVD-LKUbotHLK5xJVbYm30Mvgd8Hg36FegvIDv7NIwxgBIBM
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame F1E9
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAAKFRO4yZdx9SCxEQkCvlr5wQXLw0Y88Q1LHTIQBvnHboABIAAA&wp=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
233576
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E1F3
226 KB
60 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
49004e81f0765e86f8da10b60d1906b95ed993b4d146e84b65403be41d5ae0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vDheTadrzWUpFfAI-zorz1x-xDpLsBJVgeczrZ0J8M7kb_rZSmCEnfPnIQKFWLrCHacJcL0OednV0sn1d_Pbm3Yyq5JS0HiAa8VZKZQVDM9MNMOe59LObg6OOBX19WVoOUuznMiKA-W3h5PN-ju6tud9-V31gkEWiVViU8XsAu--V2Na5AQ4W1bTy865ZjxGTSc2pr-r-VMmT94zX8a3dlNBRtZO0OBR7VeRNZf-CGoh-CjfnXWimTlJPqkXVsO9ej05TA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
121105656
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4FB4
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 07:30:32 GMT
etag
48472445140208031
expires
Thu, 29 Sep 2022 07:30:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame F87C
347 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
017c8713fe12870613b27cdee8abd80a454f2081796a76e68d0801464c1b5dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125499
x-xss-protection
0
server
cafe
etag
7013236630896103409
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
truncated
/ Frame F87C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09d3f721e943815bfdc65b1414ad130b9a6c5c3c6d9d43765ef0cb0f706ef7be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AFC3
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65101be0d43cbe46feed3d67f0c90cbc7ee863857b130ee0736214f2cb634149

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame C065
348 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecfec46a1913a0c10459372495d8792fb03bea380ee1da0d413dd024109b24ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125657
x-xss-protection
0
server
cafe
etag
7408973791055819091
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
truncated
/ Frame C065
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63d81e21b2109302b470c130312fe4df7ffa296d563339086968dff1e19c8820

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F0A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
471b87d73a4fea9f39089fd6aa61950eb731a974865c26d32eef98b078705f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame 8D31
347 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcd54e061a53b96064361f0e18ec2ab46bd324f8049ec06672bbfff32d229fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125493
x-xss-protection
0
server
cafe
etag
6680061142056423705
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
truncated
/ Frame 8D31
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10e1099c7f31c2c63f5d5ad93caaf3f19145aff446b4ecaa0f0981bb3f52333d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame 7B4E
347 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
217ed34b4df7985a6593e0d3eb20580c1d42f4f871413f6880678cfc5c250c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125492
x-xss-protection
0
server
cafe
etag
987098478404043665
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:27:57 GMT
truncated
/ Frame 7B4E
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
744039112a3a32e0e6cbba111b5e05fce338f0516703001ae51702ba63c8852a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 4FB4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkF1RnMwV2UxT0RFQjA1&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkF1RnMwV2UxT0RFQjA1&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APUg1iAbKO22Xdepj2IZ50-B5FZG5H5LzvsZ6Q66w6Tr1FIgCW36EAY
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:27:57 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkF1RnMwV2UxT0RFQjA1&google_gid=CAESEHxUqwl78A4YwVI4ZUGVxKU&google_cver=1&google_push=AZmPxg90OElINBVlis9GscvhhfoAeD1ppVRcKEOix6J-APUg1iAbKO22Xdepj2IZ50-B5FZG5H5LzvsZ6Q66w6Tr1FIgCW36EAY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4FB4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEuRLcxHr9TWfsCJYFMdQbQ&google_cver=1&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nndqHE98WE5UoEo_
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nnd...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nndqHE98WE5UoEo_
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg-HMFIab4t_tIh4PrwT6f-1rJDANbcQlapZ-MU6vtmA6pg2kbBlV8Uon4sVvu2Tkhk7QemdW-m4LRP9nndqHE98WE5UoEo_
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Sep 2022 21:27:58 GMT
pixel
cm.g.doubleclick.net/ Frame 4FB4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCWAK_TJwJUoL-Oc6R0gVc&google_cver=1&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPCWAK_TJwJUoL-Oc6R0gVc&google_cver=1&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfN...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433824675301422&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-xFMtmrb23UucrKo3vm4a93iPRti7WuUsaF8lBQPgB78M9zKBQnNssO-q3CRwM_qWGoADpzxW1U6KnfNl3B_86MTB58x0&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Date
Wed, 28 Sep 2022 21:27:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dds
rtb.openx.net/sync/ Frame 4FB4
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIAn6O_MJSMf4hxWGnOqADc&google_cver=1&google_push=AZmPxg-6l0qb7oq5KEbKGTVGXr--1wUfdmFirVLC_OTI0M3dcehxGS35mWBoOcNcikhtN7VyM32zgTSjQowPmsBHJZINAkIWdFx3
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
68mf50ur71nfuo3670itqq4cq0rf7m00
pixel
cm.g.doubleclick.net/ Frame 4FB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKH66NRXwzy8Yi2vPq3ljmc&google_cver=1&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLODAtMUctNkdYNw==&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-XkkAoPVLr8KOIvpfmX2atLRx5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLODAtMUctNkdYNw==&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-XkkAoPVLr8KOIvpfmX2atLRx5
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLODAtMUctNkdYNw==&google_push=AZmPxg_vrW5cxuys-L6MLFWZ2GXIeGzXVrzb0mC6T_GMJzRZxRAuZmEdzrTVihXvvhp4R822Vy-XkkAoPVLr8KOIvpfmX2atLRx5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4FB4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHNKNKtACdWEM5w39kF1bLM&google_cver=1&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_l6zRn8GxOIFsA4GXbaOrMPHUx0R2pxjXPZLHA1WRY1J6o5eyDZlq79umtiJj_BZlaClOgiBLEaXkkwv2MBmdu8kplVb4k
date
Wed, 28 Sep 2022 21:27:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 4FB4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECWwVPRaBlXWq26VjqvbmZ8&google_cver=1&google_push=AZmPxg8_IpFoV2tgbi8kH5Hd3MTfRvYBJH1ORm_x4mhamiQ2NSkVs_Vj87Q1r0zxkuYCkga0Bpm03_997Lt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8_IpFoV2tgbi8kH5Hd3MTfRvYBJH1ORm_x4mhamiQ2NSkVs_Vj87Q1r0zxkuYCkga0Bpm03_997LtEKbLZBNeS6YRF2qyD
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H2
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4FB4
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJsGrEoeb25nMgGFjtzUT1aQHXEJXyM4sR8qFI6hWkGmfUX8d0gq6qyzEJI3CaluykUd6NFA
Requested by
Host: 4d450be1-4a3c-c781-0a78-c7814a3c4d45
URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame F1E9
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41ae310adf9acc8bb81413402a18d09a7ae74973f5426cf1c9c000a1dc780ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame E1F3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E1F3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E1F3
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 23 Sep 2023 21:27:58 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E1F3
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 23 Sep 2023 21:27:58 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame E1F3
43 B
348 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=g4IEtqakDsbZ4BraU9MWJoTlYqB-UgS08RKdJRzcb9fDdzd5M2DaU5HcXxz3kREcnUc7ivLwkdsCXThu0tRydqEDV0kyIREgSK9IRwNRH9pkcLSs0RWBuu0Xm3zhGQJ1JfnlE14pmeZLg_D3PUaHdXW7MtohP4GtllIQW8YmG1JqHzN1JzWrsGaO8TunT9G-Nt-TbAFgRQ4DLLuqCxfZyMJAELYfWppp1Re_BSw7jESLnnA64hfLhlEZG0v0kCRSwEvyspVKSCuu1RwDD6KcH0IPptyZeMqfQQZuZ8NHC7IdMCdz4n5Np9UNOU3oo0BcNYogwsc8CAkv7stL9lxRuCgQicYKMkZLKL6I4A0TL6q36dNtU1XCumSO4igLBYHi2YYWGWc87_pQSf-8QC9l-J4zpdukQTsjcQ9UGS0zPWwhyoRt
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6256230
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame E1F3
44 B
752 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664400477
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
V2Pxrz6qdpsZMZ8ZVLy3aKoLqjZ3SK3rhlewhiyZG2oBeV0qWiCOuw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
abc.txt
static.avantisvideo.com/data/ Frame AFC3
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
418daae1b2eff2e9698e406734dc5b7ddbdc01149ad02918412fd7d4860b30d8

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 11:09:52 GMT
content-encoding
gzip
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 11:05:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
37087
etag
W/"4b3a2ef2d865e2cd55ea424bf7296d78"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
x-cache
Hit from cloudfront
access-control-allow-credentials
true
x-amz-cf-id
cUSY7aXkplAJYTVLhfgAYATRPc_d2VM3lfisQbRKrfc7A-IZxWGRAA==
abc.txt
static.avantisvideo.com/data/ Frame AFC3
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
418daae1b2eff2e9698e406734dc5b7ddbdc01149ad02918412fd7d4860b30d8

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 11:09:52 GMT
content-encoding
gzip
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 11:05:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
37087
etag
W/"4b3a2ef2d865e2cd55ea424bf7296d78"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
x-cache
Hit from cloudfront
access-control-allow-credentials
true
x-amz-cf-id
zfzng60f3wd7j1Fjv7HnMjdPBakeBFQvFv4MBUp6UwtUve9A1YDZHA==
abc.txt
static.avantisvideo.com/data/ Frame 3F0A
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
418daae1b2eff2e9698e406734dc5b7ddbdc01149ad02918412fd7d4860b30d8

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 11:05:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
37087
etag
W/"4b3a2ef2d865e2cd55ea424bf7296d78"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
x-cache
Hit from cloudfront
access-control-allow-credentials
true
x-amz-cf-id
3xoWi0P3Ye9HyXN2p9DLSUgdscTS6pZxSIozY-Qtv7HVUlKI2jl0gQ==
abc.txt
static.avantisvideo.com/data/ Frame 3F0A
10 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
418daae1b2eff2e9698e406734dc5b7ddbdc01149ad02918412fd7d4860b30d8

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 11:05:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
37087
etag
W/"4b3a2ef2d865e2cd55ea424bf7296d78"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
x-cache
Hit from cloudfront
access-control-allow-credentials
true
x-amz-cf-id
a8mvkBAOCBzghWywAsBoPh4Ij6Jlq4mRhAl8jUN9BzyHgticxtT2Iw==
cookie.js
partner.googleadservices.com/gampad/ Frame F87C
220 B
227 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67bf35f027201f92f89855e801ea5a5a7d1d0c496a02c043db4d9f02a31def90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F87C
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F87C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A248
25 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7173f35bb19c4456fd8eda5e5ad4df4e0c19b8b8bd873c907f7cbf756b144cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11498
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame C065
220 B
225 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcd95598079fafe7cabbf03be7ee55aba54a9abf83ac0e43967e1e4446372491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame C065
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C065
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CD0D
57 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bafb8c50bab0f042df1ae5a175a5d24c505ab576b2e2437b6ef737e89c868d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
24783
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
events1.avantisvideo.com/ Frame AFC3
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
/
events1.avantisvideo.com/ Frame AFC3
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AFC3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU_NV4xxwW1QrpVQ3azFXfFex3f72CpcOBBeB_Jhj4dpdHDt9Bv6cRdb-vDgKspOyyusjJiKGiuR8cA63yPu-UfX5hEpU0AnvQO447TW7qt2IpQd41rRz2e9QlaDkzxHCi0OM4_AwfycnOb453y0g0IyBD7U9LQk6ibQGwDrwjJ89acnUVACNjDXK25aXIqfeteUdhREOY0oAKxNSK0SxHAqbDNKnCRty8Jy1U2bhv9TDkPEWKv4N_E9Nr51wx94jN82AXTimO6DnvFScjgxUVTAj5JjN2x_LPrrJv3ObV4_RfU_9zhODHWF1yZey81StwK26M8AyPWF0yHEcnTsz16GR-E8CUUU1zRg&sai=AMfl-YR6BYU8myTfcppx0GJq9w2FFIMNW3MoyxauizVwzwVifLIGJ_V7Wc997zDVLW_BHt8bEgLwg2pBwx8NBLq7dszK9FZogl3g8645vXSPU_GjMWh9FSFtN-gvKAV7qiZ9uA&sig=Cg0ArKJSzGHPvRA27qXlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:58 GMT
/
events1.avantisvideo.com/ Frame 3F0A
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
/
events1.avantisvideo.com/ Frame 3F0A
0
35 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F0A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTu8U4d0Juhm-pscIGTO0nj-av9JoW2sEvMK-fP5F0jk1ouGUYRrzAgCs92VKqiQHn09r8ZbifbQmFYz_9A-KsBN0O6Olk7SCy_UYoj3Im3kW8fRf2R0OOPNrc9zSjtpq5Sygsm_D8lUjEusuj_IT7Z4xB0NyII-X0POHKCMKeDhvTYs4HkIlMprEJoB0BMyiGQCkoI9KXWH2ZSpZCYckK_jo9pG8nYMm-ClleYjM8sgCwe4WQyS03dyqAVzoLXLnTpYsdFZ5w-vXNGV-0gqBq4DK1Gk3T4Nsz_lOMwnftA51CloZ6ZuCvuRell9bQ_jK8oOM6EbubgEUbF46PZ9soUGOEzo8wGmJ-29-3YjQeSyEBJw&sai=AMfl-YQtNWYB96OapEOio16Ec1IUL2n-jY3C_NfiXrponJPUq160V5ioo-3RbZLYIQ1m86RPozKsz5vR1EqQjm6LZtJodz0LuP5Md5wR_0M2ZmmPtlXxApi-_P_Trul-063oCQ&sig=Cg0ArKJSzPr4UT43mGqMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7313
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 798F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7715149523900090432
tpc.googlesyndication.com/simgad/ Frame 7313
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7715149523900090432?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn6oBbQBGqIaSILY9k0kovAk4MFiQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1e3dbb8b498c8f65ed22dcf127a9c1bb2ae2b506d1dd85e2353e45f06c3bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 00:25:36 GMT
x-content-type-options
nosniff
age
421342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40755
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 10:10:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Sep 2023 00:25:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7313
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41800
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7313
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41800
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
11744364027285692477
tpc.googlesyndication.com/simgad/ Frame 798F
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11744364027285692477?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkfaCtjuOXk15b6tHzSfOeSRPUU9g
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc14bcdb558e2e685e0680e09f65b7a34bbb50fc5138c5bfe86693c28a17e689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 07:55:04 GMT
x-content-type-options
nosniff
age
567174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17077
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 13:03:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 07:55:04 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 798F
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41800
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 798F
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 09:51:18 GMT
x-content-type-options
nosniff
server
cafe
age
41800
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 29 Sep 2022 09:51:18 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 8D31
220 B
229 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfb4e4d1cf119f001e2edf101f7798d46ec14c21199befd0a8e744a9d379efba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8D31
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8D31
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FAC3
26 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90f5f78a5e823ba916ea18c3e24ae1342046946757ce74aa7ff77e45810298cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11676
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 7B4E
220 B
232 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e340f6ed5109c33a4ceca3604a29b756e9381690ad61b26b8d396e4af98fda3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
210
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 7B4E
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7B4E
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E744
25 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
345bea28d2b68dc19a4ad95071e2ef30dd61ae02390e3c59aa0db8594aceb07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11531
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
u_d.html
cdn1.avantisvideo.com/connect/ Frame 6BC1
46 KB
46 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46048
content-length
47064
content-type
text/html
date
Wed, 28 Sep 2022 08:40:31 GMT
etag
"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-id
7PzMlR_XFM0vFrsx3EPv5tJ-iOZrj7cinv41JAuTpFq-UTMJe8bTdA==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
u_d.html
cdn1.avantisvideo.com/connect/ Frame 9675
46 KB
46 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46048
content-length
47064
content-type
text/html
date
Wed, 28 Sep 2022 08:40:31 GMT
etag
"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-id
8V0CcuNc8C3fgnLHLr3a3uQcOKdlDs80hdVrtaXesy2EdVPNsWLUEw==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
animejs.js
static.criteo.net/animejs/ Frame E1F3
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11301
expires
Fri, 22 Sep 2023 04:58:12 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=800&s=V_ZNrXFScZltk3WSrE71MkfL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=920883
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1306
expires
Sun, 09 Oct 2022 13:16:01 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=800&s=VqTak-1PQuSgw4NtqaFRO-V1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1083410
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1672
expires
Tue, 11 Oct 2022 10:24:49 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRealtime-Technology-AG-3DEXCITE-84877DE.gif%3Feb%3D1&v=3&w=800&s=Jw8nw0XmerMzmKZhLslMXNFn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e1620c55bd052c72e444db91a21c6dd034093ffa111c5a87922788ece23d6381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1304
expires
Sat, 23 Sep 2023 21:27:58 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSartorius-Mechatronics-T-H-GmbH-104678DE.gif%3Feb%3D1&v=3&w=800&s=2M92FvW2Mz9L-bI1qVMK85Sa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5a0e4c1782e28b90ed9ada766b66b4675f254f697eca83af0b822e662134b1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2394
expires
Wed, 28 Sep 2022 21:27:58 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoDelivery-Hero-SE-211507DE-2111011055.gif%3Feb%3D1&v=3&w=800&s=_XGwEM4qiN-RfWNm2Lx5eSRb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ab858d5f52179c3d25e2ce980e761e296fe37e76ae34c1471682e762f73b677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1542437
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2042
expires
Sun, 16 Oct 2022 17:55:16 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
6 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoMaterna-Information-Communications-SE-4261DE-2102151242.gif%3Feb%3D1&v=3&w=800&s=vmMOARK9NfjGw4lMFNXc514F&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e7d14740832c0e9785844163d4892e8ea2870c8a72d0bb089aa197013e506899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2480
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5758
expires
Wed, 28 Sep 2022 22:09:19 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1820292
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1584
expires
Wed, 19 Oct 2022 23:06:11 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
848 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNETCONOMY-GmbH-84819DE-2202071641.gif%3Feb%3D1&v=3&w=800&s=KOr4OZoQRbic3-G_kzjIuLkg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
64d68302274df4ea5a606ea23e107ca5332db9d32f4fe162a31f778d1d7ae5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
848
expires
Sat, 23 Sep 2023 21:27:58 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
8 KB
8 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoSuperior-Nachhilfe-280903DE-2111020957.gif%3Feb%3D1&v=3&w=800&s=nBDOVyJ3pJykmhLCXDrGd48N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
eebc158e3282d6488ed2a6c59a2a97aaa3b3160fb2851f8700a741bc5175bef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=686114
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8213
expires
Thu, 06 Oct 2022 20:03:13 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWeidm%25C3%25BCller_Interface_GmbH___Co._KGDE.gif%3Feb%3D1&v=3&w=800&s=rUX98FxUDB9O8lEvEhgjKXJD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f607aa255ceb5e2a529c17b36ec88818b052faa2792019c8af14f90f369c344b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2030536
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1368
expires
Sat, 22 Oct 2022 09:30:14 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=800&s=ABy0a5CGuwxHmd1dZkdP9vMT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581214
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
img
pix.eu.criteo.net/img/ Frame E1F3
612 B
876 B
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoApollon-Dialog-Marketing-GmbH-243434DE-2003061509.gif%3Feb%3D1&v=3&w=800&s=Fl6W8IBACHHyHjU2qj1EJZUJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1b55c963a99c89a6f93b7ff76ea63445e9c1c8b02e5ce70450af0d2df7fac66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1004199
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
612
expires
Mon, 10 Oct 2022 12:24:37 GMT
all
csm.eu.criteo.net/ Frame E1F3
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vDheTadrzWUpFfAI-zorz1x-xDpLsBJVgeczrZ0J8M7kb_rZSmCEnfPnIQKFWLrCHacJcL0OednV0sn1d_Pbm3Yyq5JS0HiAa8VZKZQVDM9MNMOe59LObg6OOBX19WVoOUuznMiKA-W3h5PN-ju6tud9-V31gkEWiVViU8XsAu--V2Na5AQ4W1bTy865ZjxGTSc2pr-r-VMmT94zX8a3dlNBRtZO0OBR7VeRNZf-CGoh-CjfnXWimTlJPqkXVsO9ej05TA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E1F3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E1F3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XAALc-UIu8DiAAlbPWBgbBAij20eYgcQhg&u=%7C9cux5jo5RnQvCx5NkQp88D1evNCkZ4qFe1ODxZPLlcY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gYB_9V2b-7A09_MAapfDBgwO2TA2IGQDnieSJMML5moyezOE5wZJ94LJpafQemu79Drhfa6cvE2VUmbgmeXhSh-oYHZvycwmUMGC4US8kYGmgBhV33Fu48Mvqt32rGo_LcNeiSJnMLqP3wdMnK0aa_1t3YUhpp_UNsj9pyXdJaMH33K-n2gmeLDrYbFeAd9fS_FHLQUr_K92xlaFNCth0ItJ5KeNITwcV4R2DPJ8MxS1KeM1sRru7E1kXBQztG6lENPcTvqR53nRyxKgmXrmORWYwGZMiEo65Fde38cETvM5QxdRL3nrc8ECnsTzKYiW_7OV-r-rMV0xJrrIevlpGdJyn1McpBQaRoDCEoEWqO3bOwZ-PIgof7LvE5UbNy9D-FUjhcswtpcChuH3W5ajH1qoJNs_KnZYEBqO5As4kXNprkQWeTZWoicyDsOjNViuI1iSg4BKTl4iGH7xshjMFkb8F6d2xmC_H5Mn9-khvM4eqilxKgsUoj0IuC_IW7nSB0g_RJPY5pB2m_5SfqfpGPBQD87lNLufjE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChi-xXLw0Y-XnLeKB7_UPvbaliAPJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQLoEAjolx-wPuACAKgDAaoEmAJP0NfGA3BirDytyCS3nauVU4mLNjC0KhmYJ-6VHN2KNY3Msbj1M8ZstsQWmsgcrYOdZ1YCSeYHPD4sATrubd1K6zhUi6NPgUOpxtrF69EnidFzc3u0U5P-K419yCKGiPftmdYxOgLKiogKxvkDia_fBzTgTRzgkJ7IIqL4IGlqni7fP6A044nbfUmEKK6QrC52Wj1sFQclFCRDA0NM_6Rt2EnYSyhH4pVUlNX8Qf9AwdCN8ouYHFa5WoEfQ4w27KAPxQ9PA5WpN_Kh2GcnI0e2Nm7lrZbMfN8PicsZGAUVeIMFIiXgfXRjBmbMZ9ZBDEYRd95Hq6oqzrtd91jRksSMcA9hPENiu5FUNGU3Kz2zRRaf1iBstnwg4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NUPMOUBXDiGENeNfcIh7lnjEMFA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 9675
180 B
933 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
Aq7ockMaGO5TLAWo1jgHa4VE2tyAJWQiExnfk-W_2UWdWeQvB0nXvA==
7715149523900090432
tpc.googlesyndication.com/simgad/ Frame CD0D
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7715149523900090432?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn6oBbQBGqIaSILY9k0kovAk4MFiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1e3dbb8b498c8f65ed22dcf127a9c1bb2ae2b506d1dd85e2353e45f06c3bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 00:25:36 GMT
x-content-type-options
nosniff
age
421342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40755
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 10:10:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Sep 2023 00:25:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame CD0D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:17:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame CD0D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame CD0D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD0D
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:58 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame CD0D
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f31b667b70b2753bcbffa65bfbbd0120ce3d37cace0bb6b26fb41e91508064e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13614
x-xss-protection
0
server
cafe
etag
13013221327992996047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 18:35:15 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 6BC1
180 B
932 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
YmYuSgKeDhZPpoi2x6zr2pxAiCU_MDkcHRhbPdRpI06filiILJa5Ow==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame A248
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame A248
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
l
www.google.com/ads/measurement/ Frame A248
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKkXn4-9KBIwEpJ5LVqtf5VWFVvtXhekOltUyUvlw1zpnWimUpaoG-41cSVsUxY97GhJTlzHxAD8yfGrIBPtBQHT4TOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A248
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A248
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9_YlXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTbAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjlMzZECQ498SPGVNyEWAzxmGvKct6E6PB1GaR0L_SqH92oFZ3INN4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=rVpWo4L1uIE&uach_m=[UACH]&cid=CAQSPACsnQUxVsMf1uvUPrIvJj0Xiw_NYjIjFX14qqcj6k9R4y7lrk50k0r7CRXkMiEijWjBj51dIlMM_VcX0hgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame A248
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMg12AVanYNiAgIAAAChUTuMmXcfUgsREJAr5a-cEF68NGPjVtKs6ZS6F6rtygASAAA&wp=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
249055
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0C60
137 KB
47 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4213686927dc916987c578d8c366553e29e9af8c2079142d37a5f8f281fc2252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9XkBr6drzWUpFfAIESG1IXxEgJodxEpGWwA1IQIkn6Ocyk4-9Aj2kffvmTSFtZdH1JrzW2GYVuJ1btoS4fSZmGyV9BZFfuKIa_gp9TDSBC4nmitDkqLS2e5GhkEzGpmyOMvR9b6JSxg1m3PbmbtBblkJRyhpadISafOyGUQZv1CXRqAZU3vVrslSbgVOjtbaWGhXLOlWu3kdyG_ow0EpE9Jd8UmU__p0OPzMY5DH2vGlHMGQBtBhSgrbKxzPANbPS68iYA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
78898655
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 32E0
1 KB
752 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 07:30:32 GMT
etag
48472445140208031
expires
Thu, 29 Sep 2022 07:30:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:58 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
gMl3vrC2CGPPlSlqDuUCYsvlXAouStKCXwBgkF_8yuBSr7PA8d4aqw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:58 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
ZhjAuiNaDtmDiqj5V_jZSzBoNVodG2LePu3Now1MqJ5McX4E9Mf-TQ==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame FAC3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame FAC3
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAC3
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame E744
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 21:25:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame E744
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 20:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 20:55:22 GMT
l
www.google.com/ads/measurement/ Frame E744
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSH6O7REKcqO0CxbK19KDLnUbvP5naOgb-yKf-GV7XTfZ7HNbiH1NEDlsFOs83bA9QcuH6WK7VXXNV32vPzGvsLk8XPNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E744
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FAC3
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cb28WXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTlAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpQ39MXNPUTkL-sBwvBRWZbfcAYNbCAKAadsK1jDnBNtT1cCszN_GABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2Mjc1MTc2ODAyNDk2NzAY_9cX&sigh=PkIGO-o6L6o&uach_m=[UACH]&cid=CAQSPACsnQUxX-IbUyMJkYgHjS2bgGYC5bhdatIAS5MnrlAAe78traCyStVi8RBt0LNxI6UFAmJeO5p8CrY4sxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame FAC3
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMc1rAL6AZ2DYgICAAAAoVE7jJl3H1ILERCQK-WvnBBdvDRjTF1pMXgBqNB3dh0AEgAA&wp=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
217877
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6D6E
168 KB
53 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4067fa7b89da68b7737eda7e49aab9ffd96f3bbacb399c1e5283aab4f952344f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ehwNz6drzWUpFfAIT0ueBaoRjV25JyxWE2QUf3rejgesEsCD3DcvZJnCt3go0LIjghmuA71_QyhoE7MmqrrwFyhz_AVozd8nRT18hLFYrtyCYI-PuhJQk7Q_1Rt6teZnQomf0wj8jO4UF1yXVxSgVGi8U540-qLqoL2KEdmDwlm5LzVLG4-v10x8iYicKemiu2-xglHM0sw8AQGYAJIuUNWx1TbHw9uwg3tisIF3NrWwdEraj-g3hqVgkLPvQoanAgjAMQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
93795100
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1140
1 KB
752 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 07:30:32 GMT
etag
48472445140208031
expires
Thu, 29 Sep 2022 07:30:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0AB8
1 KB
752 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 07:30:32 GMT
etag
48472445140208031
expires
Thu, 29 Sep 2022 07:30:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame E744
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7APKXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTfAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJ_FFK4pY6kbgN6UptW7nWhGOWlJPaGuOCKBS8qw4DlQRpkU4w3LmABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2Mjc1MTc2ODAyNDk2NzAY_9cX&sigh=cCvaWIeP3qg&uach_m=[UACH]&cid=CAQSPACsnQUx3cxwPmNSGlyJ4Einbhl5xTZes05uZyIau4JCzccmC647Iq2ZHNkgXH0Dnz9qe9xfE0xeP1GNrxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame E744
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMc1rAL6AZ2DYgICAAAAz2ZCFJGEsnILERCQK-WvnBBdvDRjuR-Te1jOxpDiT48AEgAA&wp=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
284290
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8BFF
138 KB
47 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
46a1c2794fd2deb9498df422d9d7ae39f83608fe893437cbe9e870dcab3c772e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fD1VVqdrzWUpFfAI1FL7ahwNtiQqiouOi8xw_eWkrTS7d_OmrpUgm73BR6G4aVzqbkk7WA0kQY_PlvHcbwDZRS_K6Ii0MMJOf2PGpD0uomQv0mGRHwpB2bF5Y2ieia_wEFBBp-fRd8LLthyxjH8pBcRqpdyjTPFPk2G0MCGE_v7DCS15MQwTGaKDVRsuUgt1llEeW_BsYwKZcltaw-DII5afRNtuYjIXAV6Y6xhNOvWrLzBqYGWwzSO8Comc3G8u11iwNw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
72694251
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB4D
1 KB
752 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 07:30:32 GMT
etag
48472445140208031
expires
Thu, 29 Sep 2022 07:30:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A248
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
442a9f55692897f765956e49e9ccc2fdd6768683a39913132adc0ea341bf21de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CD0D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b92d52194bd690820a21d7484a48aeaa4fd8972e466e484d62c8a71228a3027e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0C60
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0C60
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0C60
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 23 Sep 2023 21:27:58 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0C60
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 23 Sep 2023 21:27:58 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0C60
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=h6UyywMnnbWMI_bjUc8ZINjTSAboGajbCmpchiNpKGs_yKyOsGQSU-QuEkChot3kjGLQCHc7iC9s5fHC9VUsrttAz9pUIQIaCXkssluXpITfA6rnGAlvZ8EDKbzWTXjjKCdPjRZgh8zvOWS67fEd-OqLNAKU7a4gh3Gprv-G2ZzfBoB7bMjOHyF5s5iQV5Gxp5eFc44aPXxKf2-VTNAV5FV8OZtD0ZzTf8KzRm7Ica-qvJTQYwS4giUHs8T60wr8HqEY0nBh_71iScj6-KO_EHDx8BYcHuwVEbqHwYFnUh3hIegFhBWfZIY9JORnzilHyhgUz3OY9pd1XCFImjuv13EkqkYkoCO54pyDUDy_f0vDZBheCfJfnhugqvAURLMEsQZ1bHVNJZwgQxAwWpFxDSoCErcmpzuQtLvUxW5K4zNYDF2q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3353511
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0C60
44 B
751 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664400478
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
Ii9lbefnsJpAZk9IA3XZQeVc2SL0lBCzxY5dC09k7OJkPUTnhXtynw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame FAC3
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17ce28cba43ecd76593fa63ea63d08e6467dc30f45b4ebbcf2888db381442ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E744
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cb95de092a94fd8232d506d7ff2c0067f3322be094eb5df210769e9dcae2400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 32E0
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAOOPgW2cyeU3SgabvyngoU&google_cver=1&google_push=AZmPxg-OculFa1hucl7H3w6jXndNTaH3V4mC-VF7xDN5lJpLUdA6BvV8rqd0DXRrisZVmg8XRGiY-GMwSojk6V-Ll08x2ofqo2in
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 32E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHlG4mWXeqNPIlBjwTvDkg&google_cver=1&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iS...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=b7186ea7-70b7-4f1f-877b-627745966963&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iSnPykOH8&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iSnPykOH8&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9dTNZDh0bxKRBaWgU-H7cvy8CXhPCyh7z42AJiaZktjk7t8vntyUXbtzKX-p3b7pL8aqkirBSMS4ZTvcMLy2iSnPykOH8&google_hm=pKEYJ8ZgQVCBlcvwwgs85g==
Date
Wed, 28 Sep 2022 21:27:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 32E0
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WV...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg96En-0JsfoX_A2YCRWQL2b7B8D6jGmnf6r5w5btSsspXSTqSqHmR4XHizySMEP0EMVXfKieGMBgbvSn0u_gH_WVc0jjUst
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 32E0
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELZ5z041tCrM0U4EeCObfr4&google_cver=1&google_push=AZmPxg8r_nWkMp4DwwiWMOWSbM2QwVwbgpN8C5PsNaeqzqReQagy1a3N9lNKtXwk9LONe2d6TSiWwYVjdMq4lyRjJbp_A7PCukA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6og9odjq8t5flkd0ca37ig7hcsnhrht1
pixel
cm.g.doubleclick.net/ Frame 32E0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&google_nid=index&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&google_nid=index&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2OHIHkzxWljaLL99Ene66ptVhPXQ5SbdH_-sP33zLxZbUJZF52QiRXni3AJWyK2k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgG1FDK1YP5Qkp9Zt6qxqTbgZJz0HNsDbQRYtnF1rAMbqUqTBmpXEVykZanuen3Sjo3Gt9ufc0msQRhOdpvciIPNqmlEG1ZnDEPG3bfrAbAAy0%2Fv0ieeIpn2cLQH9u10BrSOG9bkSaB70A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&google_nid=index&google_push=AZmPxg_1_bRttTmkTbG91rW9SwdLxBPT9p3s2OHIHkzxWljaLL99Ene66ptVhPXQ5SbdH_-sP33zLxZbUJZF52QiRXni3AJWyK2k
cache-control
no-cache
cf-ray
751f90f2ac769034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 32E0
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAXMkloyyagV3tMYc9AhTIs&google_cver=1&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3b...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3bXbI430NIb1ia
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3bXbI430NIb1ia
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Sep 2022 21:27:58 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-UBlN8Bf4mPsxqzvdLBWnvq2A5kZV3PpCF1KIxJDHDjWLfnCzKkUTVq7qoMw0TquoTpEipcreOwIUuIE3bXbI430NIb1ia
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
41vEkTb6LwAnKTFM5YXW-8UEFLr3sdZbegueFHPdYubLe69Iqufd5A==
pixel
cm.g.doubleclick.net/ Frame 32E0
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHo1AfInXPODXf0XiZ_6OYY&google_cver=1&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHo1AfInXPODXf0XiZ_6OYY&google_cver=1&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfg...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8qOm3lkSReyZomTeNw3rng&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWf...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8qOm3lkSReyZomTeNw3rng&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD-ZsxUk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8qOm3lkSReyZomTeNw3rng&google_push=AZmPxg-OiT4dnsmaJZo0wqcHR1dOEqb4FQ-Ysv7-wW3EgZitZABjaxrhSdXTIDD1tosD0q1wpzRpaNserhNqWWfguWuOTD-ZsxUk
access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 32E0
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyoLJhYGtqvVoCcW7kShyavIWf49q7oQfE9A5CRfOb92yygh1hm6T0bDmgCimLFP3-vNKr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031645&pi=t.ma~as.Google_LB_15938Z&w=728&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477716&bpp=14&bdt=162&idt=416&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=2&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1172392062&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=860316704&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069960%2C42531706&oid=2&pvsid=2062035898826899&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3b418abfidhv&fsb=1&dtd=432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 1140
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElQ36qrzqpuxO5wqMNgoD4&google_cver=1&google_push=AZmPxg_9196IEi7dUQ2u6_20yICJdyssPBKkH6bP7lc5r_S2RrLGGsvsXL7fCOE7gLzg_PeCgz2StC_J8vWKXezw6XmvlIuMohw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAvKSd7dT_6NGj596ifOlnQ&google_cver=1&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzRvo1UavOBu74U
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzRvo1UavOBu74U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BDAEB7AEF484418FB27FCA9A7E7BF8A5&google_push=AZmPxg9XtcPKCgdTHdKZP2ZNcqd32qdQpJ2fgldJ5WBmUAp0RwOxOWce3_aUWKQVy6ho9RFnLpGaqkfympF7BzRvo1UavOBu74U
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Sep 2022 21:27:58 GMT
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiA...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEsSZd-L6YF-rNYmw4gAaj8&google_cver=1&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZC...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg91XTmeg8tkFO8D9re8jMtYpkJyjqFnHfVCBTRq9zmVYs3h6ep1_f_o5jUqV1lrga6lzOF7SBLiR8LKxGKM4NdZCiAY2_A
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1140
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEORXZbaMaypCWN6f8UmiQiw&google_cver=1&google_push=AZmPxg8mW0HtZwXJHj0Hhee21m3wxCZetQCj6FdQ5rtm9LfuJkRTHJo5Q7JVyA9cN8vIDICysuWPZqG3cFhwCUyRF8GuURoDJQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Sep 2022 21:27:58 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEEEGy3tcI4tuOmJwSllWFc&google_cver=1&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZF...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEEEGy3tcI4tuOmJwSllWFc&google_cver=1&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZF...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ&google_hm=FZMnrGZHQbS9_UglRQa9cN6S
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ&google_hm=FZMnrGZHQbS9_UglRQa9cN6S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 28 Sep 2022 21:27:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_1RLprzSh32zNXl6FzpQSdPDSX05n28h6VtbO_4I1TVUVeb-Y-hgphn1gOV3phh7FutS0rLJflwxTYet6ZFTPEx8FxsQ&google_hm=FZMnrGZHQbS9_UglRQa9cN6S
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFav5DNHbc8dXuLvnhtQrVA&google_cver=1&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-xtHnt_u5CggpFc69V5TWa4HqSd3i_Biy2cVdfH1L-VeM
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-x...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-xtHnt_u5CggpFc69V5TWa4HqSd3i_Biy2cVdfH1L-VeM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjQxNDgyNzU3MDM0NjE2NDgzNw%3D%3D&google_push=AZmPxg_17iYa9zEGXJykj1nHrM4OVoxw17FN_EJN7hniUYdkjoq-2L-xtHnt_u5CggpFc69V5TWa4HqSd3i_Biy2cVdfH1L-VeM
date
Wed, 28 Sep 2022 21:27:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax681gH3leN62JJwcMC2SyiDH8BL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg_YKgXCGWWH6EGppyA71U-nLI5IkWzlY2NdaEqT5vnaEyKyFPEo7YGd1EH5dRirNsyiax681gH3leN62JJwcMC2SyiDH8BL
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 1140
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkLUb1Ye-81-esH21jNosdUXXRaSVN7NKh9aiZGhtTD8y5a4OoW6EpRiLs2Kty43zgrbtqug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530240&pi=t.ma~as.5083543412&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477874&bpp=18&bdt=274&idt=381&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=213255563&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=866385145&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706&oid=2&pvsid=1198021468793358&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.18bahy1dpkv5&btvi=1&fsb=1&dtd=399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 0AB8
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAC8jbJusm3ZMJ2WoNr74Zg&google_cver=1&google_push=AZmPxg_6srrhT9YTjB4DHJQjpwGirtZnqtt3pIoYyS-aI1bJGzW3Kd2MIYfJU5U0X6pvrEdcGrXstr4bR9JfV0JOLiPjC7MA8IU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0AB8
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAOOPgW2cyeU3SgabvyngoU&google_cver=1&google_push=AZmPxg-HVwfA8T2Ed9YauJ4vgYX3L6xhYLzypEkHE4yYGBw7M5qBvN2McFMUl7rsHLYxjPt2X9N8TcmJjoOQBXIVlaNicmIdhw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0AB8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLB...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQwNzc0OTEzMDg2NzI3ODE0MQ&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsTo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQwNzc0OTEzMDg2NzI3ODE0MQ&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLBJyMUolbxlRwqWHAeDNA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQwNzc0OTEzMDg2NzI3ODE0MQ&google_push=AZmPxg_iz6Zl8fHTo7iZ5PDCrEUBghf2x5xPLa1ivCAXsUZEmAKQ65hp35uUzO2uVA_jRSqpRMdsToLBJyMUolbxlRwqWHAeDNA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0AB8
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEORXZbaMaypCWN6f8UmiQiw&google_cver=1&google_push=AZmPxg_1uJuKIgpm8cJbDiJhvzXQgw_yjcs6Zs-oKkTuhNzjCmDHrayl1r3FlmpavDkwlNw7lcIMJKQajo_mAH7fMqnJpdZdvVk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Sep 2022 21:27:57 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0AB8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF4r24msCLuFNBEsaUgXZTM&google_cver=1&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLU0QtMUEtRkxCMg==&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD1Qc1iiCqJqpTdPKVsMxkhbX8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLU0QtMUEtRkxCMg==&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD1Qc1iiCqJqpTdPKVsMxkhbX8
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNNTJLU0QtMUEtRkxCMg==&google_push=AZmPxg9skw23kuaoY0PWYnR7RajTocVVzFX8KJqSiFTbAOc5kCRxJq6hhJIi32BtOGxKPGyvBtD1Qc1iiCqJqpTdPKVsMxkhbX8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 0AB8
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPqLe8jjJF4bQahSJXSuKTo&google_cver=1&google_push=AZmPxg8lZ4XmdoS7LoGBofdJTiy1rNVOfiureHVpJkUGCE0RdlF3x9iC7zO-yvmLkIEeeC-CWIMD1KYXEVLZWkkqyhpcUkK1trU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0AB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG5wZc_bNC7vqMtUL1vKjqw&google_cver=1&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTzt...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7a1w9Cy8vJRlJYUJM0n_-kZRyA
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01b0ZsdDdKRTJ1SDQ4MlhPNTFSazFFazh3VDA2RnUwY35B&google_push=AZmPxg-Ma7FXllTfnJUKwLRpe6n9hHC9Gst--M8ByQuE2q5VRjirBNTztRQ5xxoeNMueSJg7x7a1w9Cy8vJRlJYUJM0n_-kZRyA
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0AB8
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9Q_x_gwPs0aLchVlZuxMw65mvBe_ixDlTvDHVtenjBMiAoplCpsu8UqShpb4vLJsYcyd08Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame C065
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA43zWeXdEaz0NxR7Z8XnPXpqxEgLpF0mcVCNGp8GmibBj1YRoELDxy0PdCm_6pPw3qG0wtHp1GE8fqjEEcusdfLRSFWYcJssGfTBJcw5PSwJ1b-FT-jCvVgsJwefPWWtbZ6vsXHmwSuq7km4CWxdK3dcF2QdAe9AMbdKG5IqPLdLH6VSLkrROVfdqPS4d-UZVwpoq06dDCeKf3BvoASBCvxs4dzxm0HJJscTclJgV5Mfag6XK5F08rgehNWN-EZz3jBw0ZnIgY40ynq8qqkMPn4KWha7jDMfBUkImdnQ3zSv1LQoLarr37PowLwweP1Sqch1lGRaS65d6imFnMmMIoheTMzZEW0M&sai=AMfl-YQG13Mwlq_B2CPuCUXs-2MjAE3JglePUzkQC926D0NtVIVZtNJNnB_-hYWE7HfAK_btz7rohLbXQLWVZ6fwYC8qku5NAoQhqEdwfPLaRsWO_AMVotFhP5u-aO34fmUxPQ&sig=Cg0ArKJSzJSYx4Co46FjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C065
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43e4a982f0a7871730e0d0952b725cf94179dff8ec0d0e3155e6e2d1e76c94d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11108
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BB4D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1&google_push=AZmPxg_m8rkMkEDxNngfy6zHj6Go-sI2N-L5l92tEVAb4sYTNa3_qwlWf1p2QNQA5vxCph0rKziq8WaDQv1Lc9xI-2GbsatsEMw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzEwMzY5OTQzNjkyMDA1MzExMQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM5_A6JuvzKGZ6xhScBAZA4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame BB4D
35 B
462 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElQ36qrzqpuxO5wqMNgoD4&google_cver=1&google_push=AZmPxg_GHbELHCFdh7UHuFn-tW6iL4m7n2NpBNJwNXm8lu0OF3PcFLsarRxkvpdMSZ_g8djUrBl25XddVLm3yZTp5yy83LMYbLTX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame BB4D
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC6j87SAkBUAq5RY-cJCw1g&google_cver=1&google_push=AZmPxg8tcKwTUD1Rcd51JcT15SQAEcz3UCHykVAcr-2xZrRYsvFL7l6uEchIsnWJXl1BxIjkf77JcZkv-8FirNnl4ywRQJ4oEfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame BB4D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENOZuE5gqwyfAJNbukQB3kE&google_cver=1&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368M...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0ODU0NTYyNDc1MjM4ODIzOQ%3D%3D&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368MM_Gl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0ODU0NTYyNDc1MjM4ODIzOQ%3D%3D&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368MM_GlShjlyxv0mt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0ODU0NTYyNDc1MjM4ODIzOQ%3D%3D&google_push=AZmPxg_ni6SHDvxHmOc5xahT61zeRnn-JH-gwkOSibhyb4fSoNo8Ab1aw2sNVFknIV4lPoyI5Pfut1BIw2368MM_GlShjlyxv0mt
Date
Wed, 28 Sep 2022 21:27:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame BB4D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoM5_zMHOEuhuY7bb-Nrgs&google_cver=1&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdFNeFjy&google_hm=MjQzODEyNjg2NTY5MTE3Nz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdFNeFjy&google_hm=MjQzODEyNjg2NTY5MTE3Nzg5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-98gEE6PL-95J7lvKkqOwLFrtYU0jv0atFkCnGjZrUXCbcm3b4Fr7TTYR7ptvWdUpmrRuzwHcUV_mR5b0-tg2yfdFNeFjy&google_hm=MjQzODEyNjg2NTY5MTE3Nzg5Ng%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame BB4D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIut6xU_QC2PD2o1Fe8fvYU&google_cver=1&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgxNDIyNDUxNDA1OTI0ODM2MQ&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rg...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgxNDIyNDUxNDA1OTI0ODM2MQ&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI3KaJJyOd-NBlANFosgs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgxNDIyNDUxNDA1OTI0ODM2MQ&google_push=AZmPxg-3oMkBEm1fdoBSOgcZ6iYa4TsrvpSVT1ixrPZO_3nk968eufJEPRAebsqbnJWJYT-yVeR5rgsI3KaJJyOd-NBlANFosgs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame BB4D
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELZ5z041tCrM0U4EeCObfr4&google_cver=1&google_push=AZmPxg_cVgX-tFp8DR4l2zba2kFRroOSCQgOYB-a2krQxzg2ROsHbjWVYwsURvNmpz6xBS9NglcgY8Qqljm0_snKoL6jGydo-frT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tarheel68dnugps268v1bb2usuqqbh7i
attr
cm.g.doubleclick.net/pixel/ Frame BB4D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoUEpYpVhNQWLgDfgJbFC6sfXD0WN3-8I6LoSj9FmBz4QQYAsjxFixS8djObZbiODWT6HS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=272530243&pi=t.ma~as.1176616588&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477924&bpp=17&bdt=335&idt=365&shv=r20220927&mjsv=m202209220101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1110892681&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=1282626812&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069934&oid=2&pvsid=3350297505340178&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ddchwwtvyb3o&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8BFF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8BFF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8BFF
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 23 Sep 2023 21:27:58 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8BFF
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 23 Sep 2023 21:27:58 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8BFF
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AfdADTmYDt9TqtwzdgNM_JClOpzLtx2LQlG1cHKubIyKL7Wxp4pqWI1OvzcNmYN2JKAvmkhc-jPEGLhasRYz_T1621aM01Cp-_XuR8Z2rBI5R1BYd7oPfcTFh1FLFAIdFyCndP9CBAuCc5UtU7rEcyFoWusy3jzVYyxn9W6Q1NHJnI4YJqJINzkqRgJ5H-4rYHW_ine-jeM7O5mOryDk0eb6OE7XwDOpX8UZQVuRdOwjCRlfPB7dQFPqB2lxIpA5acA8anrE8SLTGYm4DaKIuVSUiNMI6raFBBoBEKgeOAq2EVuxgneC44_UwvUoe_VNgMdd7faLvnKJ3DyZh1KAJ03pG8w7A1tXCNUCCiHCD9epiaLDLgIyRlWriEeR1gNoeh9a-VocinSdhpt1wjWvUSYmEGPElQxwmaA1rSRJUhz5VvWm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3227229
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8BFF
44 B
752 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664400478
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
LfrVHRvWRQJOMQ2mEwQx05TEkJtXr-RTfMJbtiPBoxkuQlLqcf-7Jw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6D6E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6D6E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6D6E
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 23 Sep 2023 21:27:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6D6E
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 23 Sep 2023 21:27:59 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6D6E
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Cdx0AzmYDt9TqtwzdgNM_JClOpylwbqOMWBADyEsMzcp-y9nEgJ7ug9fd9YSLjEc1qC5eOCBDo4IQKaxEdGV-mOEZxJHB7Vt7JTujtLyGQXaeEU8yYEXW-SIzDT658CtK0h_hTZi511bctgTr4HoR7jWewY7bgh7fgPdE5PgGj9cJACfAd7wbAUWeHl8tFDVsKtQUzNRRYu-P1DClOwq8OPrOWOxhwquL1ZfgOcDKEFEFBHdxERpZbVcMJsuLtfOop-rHXdB06rXL2XBSGQOWBxRvpB-VBD1g_fFxX4zvTNoAO-L8Rgx8H9WLND4rnsF2-ZsbG7pTXXKRuoqjaGgWAlRnJT0yvgpaIPNZmBkGBAjPZFn97Usru-m63J1jRvC3QAJ7LY9K1rST3B2k4pj4Do3FklR7d20PgMWSbRyuTezZ_IZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3158746
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6D6E
44 B
751 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664400477
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
zYW0ckuT7HWL5EPNfwdTr0gAXJDQ_bniaKO-sLvQN-OoeP-kYyQLrg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 8778
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_Mrec_16061I&adk=3036485478&adf=816031646&pi=t.ma~as.Google_Mrec_16061I&w=300&lmt=1664400478&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664400477806&bpp=19&bdt=230&idt=358&shv=r20220927&mjsv=m202209260101&ptt=5&saldr=sa&cookie=ID%3D882ba1a421662b8a%3AT%3D1664400475%3AS%3DALNI_MZxsMW3Cb69Yc2cfVmT8PsWW4VdUg&correlator=5669370278883&frm=23&ife=4&pv=1&ga_vid=92393879.1664400475&ga_sid=1664400478&ga_hid=1951335218&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=236&biw=1600&bih=1200&isw=300&ish=250&ifk=912481546&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C31069935%2C31069721&oid=2&pvsid=2116833172588637&uas=0&nvt=1&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2Fsweet_and_special_wishes.html%3Futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DSept22_nl_wk4&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2n80pz8vilmx&fsb=1&dtd=374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
animejs.js
static.criteo.net/animejs/ Frame 0C60
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 0C60
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7142
expires
Fri, 22 Sep 2023 04:58:12 GMT
img
pix.eu.criteo.net/img/ Frame 0C60
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=400&s=DrzYj4BBZ_BeucmSC-VkbH0_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1083409
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1672
expires
Tue, 11 Oct 2022 10:24:49 GMT
img
pix.eu.criteo.net/img/ Frame 0C60
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581214
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
img
pix.eu.criteo.net/img/ Frame 0C60
6 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoMaterna-Information-Communications-SE-4261DE-2102151242.gif%3Feb%3D1&v=3&w=400&s=xUUGVbIsSiSgRAJeb0OiTL3N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e7d14740832c0e9785844163d4892e8ea2870c8a72d0bb089aa197013e506899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2480
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5758
expires
Wed, 28 Sep 2022 22:09:19 GMT
all
csm.eu.criteo.net/ Frame 0C60
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9XkBr6drzWUpFfAIESG1IXxEgJodxEpGWwA1IQIkn6Ocyk4-9Aj2kffvmTSFtZdH1JrzW2GYVuJ1btoS4fSZmGyV9BZFfuKIa_gp9TDSBC4nmitDkqLS2e5GhkEzGpmyOMvR9b6JSxg1m3PbmbtBblkJRyhpadISafOyGUQZv1CXRqAZU3vVrslSbgVOjtbaWGhXLOlWu3kdyG_ow0EpE9Jd8UmU__p0OPzMY5DH2vGlHMGQBtBhSgrbKxzPANbPS68iYA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0C60
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0C60
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
animejs.js
static.criteo.net/animejs/ Frame 8BFF
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 8BFF
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581214
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
img
pix.eu.criteo.net/img/ Frame 8BFF
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958212
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10911
expires
Fri, 22 Sep 2023 04:58:12 GMT
img
pix.eu.criteo.net/img/ Frame 8BFF
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSartorius-Mechatronics-T-H-GmbH-104678DE.gif%3Feb%3D1&v=3&w=400&s=cFsT5v1kY01p3bd5vtoOBnp1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5a0e4c1782e28b90ed9ada766b66b4675f254f697eca83af0b822e662134b1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2394
expires
Wed, 28 Sep 2022 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 8BFF
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMann-Hummel-GmbH-4576DE.gif%3Feb%3D1&v=3&w=400&s=u05B0S3EF9T49skfL5I9Of8D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d0cec485779e5b9f4ec30fcda65110d1d8f17b7ec89fc0b227d4736b821da4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1301568
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2042
expires
Thu, 13 Oct 2022 23:00:47 GMT
all
csm.eu.criteo.net/ Frame 8BFF
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fD1VVqdrzWUpFfAI1FL7ahwNtiQqiouOi8xw_eWkrTS7d_OmrpUgm73BR6G4aVzqbkk7WA0kQY_PlvHcbwDZRS_K6Ii0MMJOf2PGpD0uomQv0mGRHwpB2bF5Y2ieia_wEFBBp-fRd8LLthyxjH8pBcRqpdyjTPFPk2G0MCGE_v7DCS15MQwTGaKDVRsuUgt1llEeW_BsYwKZcltaw-DII5afRNtuYjIXAV6Y6xhNOvWrLzBqYGWwzSO8Comc3G8u11iwNw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8BFF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8BFF
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C065
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:59 GMT
animejs.js
static.criteo.net/animejs/ Frame 6D6E
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958212
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10911
expires
Fri, 22 Sep 2023 04:58:12 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=400&s=DrzYj4BBZ_BeucmSC-VkbH0_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1083409
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1672
expires
Tue, 11 Oct 2022 10:24:49 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
6 KB
6 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoMaterna-Information-Communications-SE-4261DE-2102151242.gif%3Feb%3D1&v=3&w=400&s=xUUGVbIsSiSgRAJeb0OiTL3N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e7d14740832c0e9785844163d4892e8ea2870c8a72d0bb089aa197013e506899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2480
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5758
expires
Wed, 28 Sep 2022 22:09:19 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=400&s=SY31qpkHa_4W904lxzxOMzNE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=920882
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1306
expires
Sun, 09 Oct 2022 13:16:01 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoDelivery-Hero-SE-211507DE-2111011055.gif%3Feb%3D1&v=3&w=400&s=Vfj2ZaH_lkzpIWpQnDGwguWH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ab858d5f52179c3d25e2ce980e761e296fe37e76ae34c1471682e762f73b677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1542437
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2042
expires
Sun, 16 Oct 2022 17:55:16 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
848 B
1 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNETCONOMY-GmbH-84819DE-2202071641.gif%3Feb%3D1&v=3&w=400&s=UjtDi-iDYA5BkQI29UHsb7sM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
64d68302274df4ea5a606ea23e107ca5332db9d32f4fe162a31f778d1d7ae5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
848
expires
Sat, 23 Sep 2023 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
2 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1820292
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1584
expires
Wed, 19 Oct 2022 23:06:11 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
1 KB
2 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRealtime-Technology-AG-3DEXCITE-84877DE.gif%3Feb%3D1&v=3&w=400&s=HImkHAM0hf8WJXgLxaERwLPD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e1620c55bd052c72e444db91a21c6dd034093ffa111c5a87922788ece23d6381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1304
expires
Sat, 23 Sep 2023 21:27:59 GMT
all
csm.eu.criteo.net/ Frame 6D6E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ehwNz6drzWUpFfAIT0ueBaoRjV25JyxWE2QUf3rejgesEsCD3DcvZJnCt3go0LIjghmuA71_QyhoE7MmqrrwFyhz_AVozd8nRT18hLFYrtyCYI-PuhJQk7Q_1Rt6teZnQomf0wj8jO4UF1yXVxSgVGi8U540-qLqoL2KEdmDwlm5LzVLG4-v10x8iYicKemiu2-xglHM0sw8AQGYAJIuUNWx1TbHw9uwg3tisIF3NrWwdEraj-g3hqVgkLPvQoanAgjAMQ&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6D6E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6D6E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Sep 2023 21:27:59 GMT
img
pix.eu.criteo.net/img/ Frame 0C60
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
img
pix.eu.criteo.net/img/ Frame 8BFF
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame 3F0A
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 05:16:29 GMT
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
58291
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3pm9HOlc3si2RtTstWrKo1CSxDQX0ZILPBUSPo8RmAkALe0EU47K4g==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame 3F0A
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Tue, 27 Sep 2022 23:15:44 GMT
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79936
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
T-jVvSu86V_-PYjSYqKqE8ucLLjkLoIaUOfB4ynt9Bw8h_tB-WWaRA==
img
pix.eu.criteo.net/img/ Frame 8BFF
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958212
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10911
expires
Fri, 22 Sep 2023 04:58:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F0A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGZ2sibFEHPfPh72k5JpCfxqx8cYvCGJ21IKPmKqLOpKpXwXUfiIzNgX2uBG9mIB-EGiieDR1d62HsBr1rPyNjZQSFvUDqhgVN8UYMb7wQFMqBAxApVntFbWlQr70GmJ5PTQ7DjtAlOdaPEOXNdj75j3kAOsFL9wQWC5YhBS1xvxAiaFx68eKVGfFEP89mPutjU8BRm5saSKcMgTks7hef33B-rBMk0zkLvMRYMAfB38VoYgmCymfSNDeTTWDLTXrTQkq8Anuqy6ZBLfLp8x-7RFtueqNhIQ6xFSMDxEq8wmgxIHMU25jgQHDSV-FLu7LkUXOt9k6n-qy2Zh1-bO2A33ejDekEkWUflosFODigE8IQuI1RKS2Q6A&sai=AMfl-YTWYmxtkBDa4enFm66t1k3RZgN3OUejl2MDutol_cLgfuYYBONcx-tdV7cgQa8M6U0u2C_tU8-bgmdlRMiNqt3sFg1aBjqnerSaZQJ_6KtvfCLrciZUCCs1A-alGoZDNA&sig=Cg0ArKJSzGIwBFYERMuOEAE&id=lidar2&mcvt=1010&p=1172,635,1173,636&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4230775942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400477646&rpt=546&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1246
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:09:58 GMT
expires
Thu, 28 Sep 2023 20:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDD4
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8614e456fe677211a9efded986043d4a45a891f9e50dc405e3499b9534ebe73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TIXsTn798Y-j3rYAohTTmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-TIXsTn798Y-j3rYAohTTmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Wed, 28 Sep 2022 21:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame AFC3
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 05:16:29 GMT
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
58291
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
kAlhVMWX6caAbPx3yqYvYr0F4W7bOYLefoQ218JjCPsKF7_2vFVIUQ==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame AFC3
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Tue, 27 Sep 2022 23:15:44 GMT
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79936
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xSJMqm12tRbKwOTShg3zIqjIG8ZxizicSXOYbdIT4lUFXkJxSIOCWQ==
img
pix.eu.criteo.net/img/ Frame 6D6E
11 KB
11 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30958212
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10911
expires
Fri, 22 Sep 2023 04:58:12 GMT
img
pix.eu.criteo.net/img/ Frame 6D6E
2 KB
3 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoGAF-AG-52202DE.gif%3Feb%3D1&v=3&w=400&s=PntC5sK8ydHsk_JNCXdqbt6N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAEz7oK7cWYAAN4V0opbZuQrZH6UKbOqg&u=%7CrqjC%2FsrpJIvXKaCXvQC7YFO5Zr%2Bx90B3bZXUwKYABsk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG71O6ppOvcto3jDQ4A322kS8ejedTfy25v8moDO-ZP-F4xhT4ukqgGesgx-T3OpQY-kXSK2lnU4MWXwRISYNB56R_AjRfQeZzknHp-N2D7sctDBl_-a2rYWqq51HKGSydKkXr9IpMG5vnFZbTUEX4Pl4VCE83Tk8lN9RlzuF8nhinflemFBCwTN0F7EBdDWGfg5oA1hh2i_0F2MmdsOfFUNUN1JbS_djSo3TFswSDX9qfrbm1zL5tSF15lQH7atyT42xCS37f8tTnn7-AdyIQjM3iiAOqU6MUM1eOMleTxOTYR1G9pCUDAUhcbG_Jdi8v4m4njYGtyHlnoMRyqH459rtULIyTZ89PkfJZYvTIVI5l5coGZEzyOMLbTuvwDIYazX1Wi0f1KqSBoh9DX2IghLeQpZUvZWSG8LYIAPaTcX2TiIKqlzyEdZCGTmqSOR0rRvA1YEOb1FhH2SWwuBXiJBPWA4qxxPFCxl5lhsWoNCiNxrErZSz7P7NZzy0sBPXz9BwsOjM61G5w7-OwIi2MU04AoL8KIanwc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIKbSXrw0Y7qfE5iLtwfX8I2wAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgToAU_QUj5_Gxb7EhV1wNRvSN1MUDIRkmj7D6lzTNUS2tmBPQINpFA6cZ8CrkKvvo0reACHDYr4wVmGDbDYGk3BOjct0ZLMGT9_epYnu2cPJMswf8bV-5j4z2aTEaQuFVsuX3J4eFuQo2YLyoPWo2uyWx7GYLYhv3l78-YNZ8CYCblbENDdZk6dLAoKBFs344yELMrHdjdU5AwDh4BZNKhcYSYxwCcqdjg37gL21VVVrNi3E9DO9X25s5gAUfsPnlGpAX1tzlRb0lFBLAiM1Sg_lf4UamDILriYwgqIKst-KPjt9YG3JE6zdpqABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3BCAiEKK8x0ctx97ZVvzjEFQjS6Q%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=581213
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2490
expires
Wed, 05 Oct 2022 14:54:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F87C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoXKiX1t26igsjhTNyacrpSM7Aqdf4fJriBjIThqbDm1u4tjbsT7i3UNlnI5CWWPFtPECYvYcEBFs3nsRX6caB5AHtNT3sqIfhMYiPbip0KAy1lI7BDj7V_kGvCm3lZhnm9lbXdIeIJsfOQg_KxYcAGiNGFBycKqD1Tf4cwcCuCG7XOv-SAlvHageDR19wOuGmFHaki7ged9BNP4sMK3lYJkiA1TvBnIib5ixju_IOJNAwXAxH5fUUPzZPxeRt_MTgiPlM9jwc4fgMe1GHKv3RbTY7pPk3q1SwHror8bM_HJ3qBTeCpXfIyqrZa6HZ3umx-QQHB0vBAF9JF8sUhRzqnoDplax1&sai=AMfl-YQ8YTFB19cl-ncNm5Gm1f29TVteqVYx5_CiHbrw950I_Kc4KgxMpeIIE-f9CLf6yhgR4gkyQ9ZoP-c-MQbzO4Oka9zhBVrSy2Q2r5pm2k_eJ5YnwbLMCV97lrFpHH-4GQ&sig=Cg0ArKJSzKdTXxF76LjzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F87C
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e106d3fee8c243393629708e1eaeceacc83c17c6568c83f9d835bb87d29c5c7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11209
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame 3F0A
180 B
932 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
Yl98ew5B9cDvkRxGAeflvgnDHCln-VKOjhPPs9ID_nAVmuowaB_z4w==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:59 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
ChMt5sFD1ZGuSdXaSVG73hq2BMNErjuMbSnh7Syf0RLLI94yAclmnw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ Frame 3F0A
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 3F0A
180 B
932 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
Wm8HABE3nnxsOJd01OvllXw1NLCXuhVkAi2dZ5xReTFhkU_VFH5iRg==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:59 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
S4HgPozTMUNra4eiafECttIsw5rb912fpLC4fiCRcZsDbv7TKPEMqA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ Frame 3F0A
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7B4E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvYtifz3rbODCvGiF_KLypqgCnxr2gBKkzRep7Mi4doFBqDm8MHozPLuS_CxOln5lcQVABSEfkOKyZVKIBOqqns5r-tdaYbOMO3nF81t3XSOCSPNj9FzlQlVfY7wLkyc17Rec4nw2dAZYf36pIL6cb559ADjQU4kEBo0vI_vooqmOuEUZs2ng7Zyn-JUT0jvoHloPDfjLIznTAaC2H0bJubTJg7yvJ9MvH0yvVIGB-eKrR-TW1cXiqgL5q0_GdUvypEls1TZHArzMP8pziAI8WY_QvFrPGdLFBMY0ic17mSDJ_6CauJTraj-xHFpoPP7OUQD0WdyEQ1Q_DK1HsJh9QM0HqJ6weFmaBNC-iCr8&sai=AMfl-YRGdFcRrwgmVADk1Zkwpr2nBYA3Hmmp5iQZsKTssewzNRAjeCviSEjVa4hSE-m16HLBYqsOkfCwM1xFDxghCg7rUwKIxJd3Q_ABFXKtjb0GtMb094EM4_91t3xborg0MQ&sig=Cg0ArKJSzF2L8IztIkNKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7B4E
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578784b1fe304d8b5f1c9fa9c001ce58713cf45bef6549ae4bbdc8d891108789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11242
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame AFC3
180 B
933 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
KNXBXfWIGJ1bX16zO26Fx0TGdZUjpZlkqyWf0VEtaJohf61Z9EWpeA==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:59 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
mRTXu7UGgsnIuGJiq56fiCqrzT7SgYiIhfh_kRXEBKHQkzsuT_FS2A==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FDD4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=2116833172588637&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

geoip
avm.avantisvideo.com/api/v1/ Frame AFC3
180 B
931 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
180
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
IdutloiZmBe7vex2p8kxaSoGBjvj_VFYB8Y4H5crcgnfRl-EgBAGAg==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:27:59 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
Jp7U3W7hqh8JYD8ggj4QRkgVCWFc-BQt3TrwbwYC7aY-uEm_L2TNqQ==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ Frame AFC3
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/events/rosh_hashanah/happy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8D31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJOIjyLrlOOPxESqMb-B8FH72ltr4Nmkd6as66x-_F_SOQC97uob_MhvfyrRXdD-4IXT4yOETD1mUeOvq6glmdkuWhOvEsCPqCr9OVROfJiYPPPdVppmGRWmM2Tut7BOX-SmqGuGe9Dmp2kbUuoPGg99PDgT0_NhRDZFHrPl7eafxRcy5lDPYl2rOqajgxOE7xBxEh_e3kjLKGroj8qC9vOmDEFBsD1N-Q9QK_ql9ttcKs3Je9Qnm5_tEva1xbuAOS-ksdWCOI0Yqt_zhmr-XSSjcC7Fzgi4ZLrrj2vO3HweLNzsM-yRcYegoW2i7xSjHTLxc4V2EgpqhV5ZM2p06Zt0nYaemswNE9MmyU&sai=AMfl-YRzAUhPNihrnS4DJ7uCW6h4tzF4FRFqypQCNHu2KICIK2CCMlTdNp83I2IYOl4pEyrhJt4RVkx2F6R0gi_9ZljPx8juqG1-E4JlrpZ1gKDw3Nav87hv1Ym_Gca0r2LrgA&sig=Cg0ArKJSzPrrlQpHtdVnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 21:27:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8D31
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66ffbff8923cb1b008132defc1f6753a51fad9ec17f993b177e49e94c9faa1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11144
x-xss-protection
0
/
www.facebook.com/login/ Frame 1883
Redirect Chain
  • https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19a81017...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%2...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19a81017f25f1c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff376db61ed7cad4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=90fcc18e246f5340154aff0e704df1c4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
uNWyXLwWJpIaP/qDMDf6u7zrMQOtzn5K3UD/9iH6bFsg7poiJ3dmoEUNrF9Bmxy4B731tk7RGUHDtPNAyuuBbA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 28 Sep 2022 21:27:59 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df19a81017f25f1c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff376db61ed7cad4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
SdZhTZEsSxBlaGzeSCgAK7OtnlJmbRPWy2Z0+unwzq/X8E8NsXY4JUosHVoj/DAh2vxebuwynLBPPeEm8LdVEA==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73ead178bc372f2965ffcf3b8b0268e44b7869cdcc386d29e4182a1b8356c369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11330
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 1246
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
/
events1.avantisvideo.com/ Frame AFC3
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F87C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7B4E
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31069934
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B02
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:09:58 GMT
expires
Thu, 28 Sep 2023 20:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3708
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d8c4ecd2be4d4c46d5d4e8766c0f6a8046e6f204d75294cfd6221b108354636e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SrFFTm22vG7gW3mnBLW_6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-SrFFTm22vG7gW3mnBLW_6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Wed, 28 Sep 2022 21:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31069935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDE0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:09:58 GMT
expires
Thu, 28 Sep 2023 20:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D183
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
399eb3aa5d013200e6aea82a93c94913fd6847c08d84feca11777719d63f7d31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zq2PM5h_u2TnVMborYzzfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Zq2PM5h_u2TnVMborYzzfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Wed, 28 Sep 2022 21:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8D31
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:27:59 GMT
generate_204
tpc.googlesyndication.com/ Frame 1246
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?MmoYVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3708
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=2062035898826899&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 2B02
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E08
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:09:58 GMT
expires
Thu, 28 Sep 2023 20:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3D11
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b75babd3bcb84ae9e6929cd17f526c88033b02a129bc1f4eb55b2487b965fed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DIKfC6SEpDm18x3xunrU9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DIKfC6SEpDm18x3xunrU9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Wed, 28 Sep 2022 21:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CCB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 20:09:58 GMT
expires
Thu, 28 Sep 2023 20:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 522C
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e39ebeed389b75eb6316b5731647ff3c82fed6eeb4d59458f3b42e750f70bb49
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LhNJpSYrBFFp4iDWJIIEWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-LhNJpSYrBFFp4iDWJIIEWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 21:27:59 GMT
expires
Wed, 28 Sep 2022 21:27:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame D183
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=3350297505340178&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame CDE0
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D11
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=4124693949371190&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 522C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=1198021468793358&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 5E08
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 6CCB
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 20:19:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CD0D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR_s3d0_4AsPH43IV4LvFu7ONIXfbbnAeDCzMGtcuJCdIvKNzN4QTIHQOSe_YBlfF-SBfMUA_5IvXrW4QB1rDOQYAQN375bpsleoAODwgMyrnNeUptzCNKmaUfUBO5sf0CCYIdug&sai=AMfl-YR9iNEtoo4RNI0siJFvCuUpl52NS57YIRXXo6n0191Ox_B8wl-z_JVmcttUrI87mk-Dl_irT1FMswGDms9315FChrjSIlQ0PFwHxpaTX4Hbba8vKx1TDqMMcbWufG0&sig=Cg0ArKJSzOhLE_qKuP5fEAE&cid=CAASF-RoG19ZnW_ZCV-VU6SoB-yIAaASv1V1&id=lidar2&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3036485478&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400478181&rpt=557&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A248
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5OZFjXnUxq2bywFwnmfS_vXBg3JJ9If62ak4gkNCLw_NNbV4d7kItqjbSTDUwEjsCaLA_z8hk5PuMXY-CGB9QbRU&sig=Cg0ArKJSzKpx2-MmL7TqEAE&cid=CAASF-Rogr90aNVqO-5uTn4Gns1uH16dTtVX&id=lidar2&mcvt=1013&p=0,0,90,728&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4293758812&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400478150&rpt=570&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2B02
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Hpog1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
video-loader2-cr.js
cdn.avantisvideo.com/js/
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
23HYQ0o2ylfY4CikTtNpDIRIBjFm3stq
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 05:16:29 GMT
last-modified
Wed, 10 Aug 2022 07:12:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
58291
etag
W/"34fc05e1a66d53097cb2d428812d10e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
M4jpnmMYhzLNPbKv2-Oe0b-oDxvP96EwUz_QFxB03oJPW0eu699HCQ==
generate_204
tpc.googlesyndication.com/ Frame CDE0
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9migCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
video-loader2.1-cr.js
cdn.avantisvideo.com/js/
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Tue, 27 Sep 2022 23:15:44 GMT
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79936
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WBE2i_0a-4vzl9XiLfnr1xUz_49urs_4-shy2ee26kAzHoVhnzjFuA==
activeview
pagead2.googlesyndication.com/pcs/ Frame E744
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUnBfjNw4kxvHX9uI-YQbb1WszgqI8oCSmxjTJ8Ib84vxw7Zuqc-WbBwFtuTTxaan8X4Seb93RXJz04J0tzR91EJ4&sig=Cg0ArKJSzFgPolICg9oiEAE&cid=CAASF-RoCosq2MwUOO8tiVf1Cv4tujwP1CTI&id=lidar2&mcvt=1033&p=0,0,250,300&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=318829804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400478307&rpt=561&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C065
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf918EWSExkwQfo8GEO4uPw7DRnZbMpuGB1xyzhLs-YNep74IwiDNmYueSJMv2oFe0kOL7gg4PfU54LEkg9PGLdvbWBEVL2wLgemIzzrYoiqKV_-Q8Tyf4zJVwLl7a2meUOGrE58eOsz5ZMNLoIvw93OSn8jN0kyi0WhtC-MnS3eHBAN227XxIS94jf3-4tSdRZ26AEFAtUSq8_pYh1Bc_QiLJ8-y6meKYxfp3kEIdlNAdqeAMeLAlSMMdHuNEZgt2Nwd78LNSL-zoFAZEJr2YVxDiGnFmnBoX8H53nWPgVPz4AbzlGWUq0dhKFkMWF-YSKKXcuIFBYcZDdvKrcz0akLDn-nXDFukSBIJ1rA8&sai=AMfl-YRY2JisC1qQe0qYbERNzSJJNbMrP-7Iirgoq8lArbNjznIHOnSGTDoFOvkv3Qysi1YaRBTzKkCJOSMCkAA7wc2TXkq3hQQBhcX-RIu8n_QyDY0N0R8ntTSa8F7vWQKoIQ&sig=Cg0ArKJSzBC7Q11ZF18eEAE&id=lidar2&mcvt=1035&p=236,970,486,1270&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1127719608&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400477577&rpt=1322&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/
3 KB
3 KB
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&eu=true&country=DE&hour=21&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
2771
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
x-download-options
noopen
access-control-allow-credentials
true
x-amz-cf-id
sZ4n55AGjiqrrJKtFiBbw3PqqWmAiB2Y11jK1rButR09no9WWEzLsg==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&eu=true&country=DE&hour=21&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://www.123greetings.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 28 Sep 2022 21:28:00 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
2JiktFQTu1cGgcOOYJSfwnG-IJ0oAERVOShjAnx_7BCFvTswxw75Bw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/
115 KB
37 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
R3srv_l_.CCJ9VrYZEKFH47S4Xn_qYV0
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Tue, 27 Sep 2022 23:15:44 GMT
last-modified
Mon, 15 Aug 2022 08:52:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
79937
etag
W/"e47a13a604e4ac4e6ccdc005c9e93287"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UQ74nZFVkQxuMVCBMBKVkOCKM_Md0j2_qRgFuzV4DllyYXgL5L-hoA==
generate_204
tpc.googlesyndication.com/ Frame 5E08
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?FMurTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6CCB
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?GS87VA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.eu.criteo.net/ Frame 0C60
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9XkBr6drzWUpFfAIESG1IXxEgJodxEpGWwA1IQIkn6Ocyk4-9Aj2kffvmTSFtZdH1JrzW2GYVuJ1btoS4fSZmGyV9BZFfuKIa_gp9TDSBC4nmitDkqLS2e5GhkEzGpmyOMvR9b6JSxg1m3PbmbtBblkJRyhpadISafOyGUQZv1CXRqAZU3vVrslSbgVOjtbaWGhXLOlWu3kdyG_ow0EpE9Jd8UmU__p0OPzMY5DH2vGlHMGQBtBhSgrbKxzPANbPS68iYA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 8BFF
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fD1VVqdrzWUpFfAI1FL7ahwNtiQqiouOi8xw_eWkrTS7d_OmrpUgm73BR6G4aVzqbkk7WA0kQY_PlvHcbwDZRS_K6Ii0MMJOf2PGpD0uomQv0mGRHwpB2bF5Y2ieia_wEFBBp-fRd8LLthyxjH8pBcRqpdyjTPFPk2G0MCGE_v7DCS15MQwTGaKDVRsuUgt1llEeW_BsYwKZcltaw-DII5afRNtuYjIXAV6Y6xhNOvWrLzBqYGWwzSO8Comc3G8u11iwNw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:27:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C065
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=2116833172588637&bg=!x8SlxIDNAAYIxsuQKMY7ACkAdvg8WnpkI-Izo3skq7IcES_R-xMilP8VpT6BNPx39K_2w7LgnwcsTQIAAACVUgAAAAVoAQcKAJFeRDIHHX-vMFCPMQg1RPHHpeXZN75wNwjYYD_m7yRmhticN8VXcY4nijPTy_bIuqfOMJ-NhecBSQar1S9Wx8O7j-VEQsUULkh_9E6BoPPJ6hwrXvOKgrSaqcTG_o-lYX6CK6fHZWzMQNwPEaJTr2S-cl04rayWdCUs2UBmGrOhYpBWsINPelfDSdk4llxBDVv7mQLEOl5_CCQn4PQ4HyU1RcElo53uGqbz8G5Rc7RdG862rdSJzycORmL2WYAWFIXpQlmGzIAxtvDLj6KwFjmH0qWKtMBHYJrhNODnCDLAgvuLmMS7_jSF9F-kEbpaKBTrWBTh9cv2nex28jmI-KqG3Og_M4FnkjAxAjra46CIQUsxQc1D04p-WCxH4DGqAvz836vtxRq8qOP8W-g0gFkA2UcSSdeYrQsZkRePvurPIHq_RaTCHCdq--EZmQ60rsGTkIbt07Q8x8s5NJYc-9_PeD9hU-uzrwWsHoVkqXBAeUQxxH5a1KG3reNk94IxxItpiSmGRIvN4f4acxdScC-wBI2yKUmCmX6x_X1mHil5ghqrLl_YdPxq7tkHIz9CpNx4qOBH-xXyloespyUAv-yImsTxL0Wqt8IPxN9UIIYhuZg9imrFVl-nChgzHV22f5ZasPrKX32KC-ZwVovSd2dC_iS6pGrXur2aXgYijd0o404grlGN_YqMn9UZXM5Uyos0Er3w0lOaCpuAwFBSo9oIFmzieCLp9gFTjBztOdrrIINaqre9ie7ViQqL9fTT-_7QdoS4rKPLTILQTVSJ0I-gvS2RuxyxKY1-Ho9MRtR35R38foeObnPq78alFcpbkQFKJo2JQRsXgpnYp1xmYV7M6jOfgwn177smSMPqLzWiSuOyPsj6mRQdrMKqq5y6jWlSWBwdgQfHPh0cM2rzWhbGnaWC54PW6QccM5Pk29IS9c_RDCt_8C6g7OOpv6ualw8lWmmSI0MxB7MutjtwzN6yrEJdTxMBtMeSyjH79M4Z97cuM9px9xh1agSv2HLw-vYQP18pUA8w2jPgWuyX_b-0XG_xrEo531vGJpkC5FVCHzci1JbTzrv8CmFowmc6uCTjbBjolYAdDVjn1jtAh5Nz4lxna37NwiQp4GQrWeeC4a1alMsz0VQt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame F87C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm9lmr4bGlmfpFv8-t1dMp65etDPMAwNPfoKtNOXGWxrAoM8Pjq46w8JIuk3ib78v7VwgK-_QXZtcygXt_j_qYYzI5Z0---tcdEQLAdAMm2oG0gdq8OYYMbYXxNcQZTVMywpJrepeKnkAoFdWvTBKXrX9aJslLzAbha405tg-mRWiL-Na24-SfIvHufx8D6VBCuq6SmPqXHjNU11lRALAVpRARQce2E0c-xR38zTmf37KXHwcgTBgJOpKFoZ2Fgt9l_UeJz-oqP-ZOCny-Z22UAHeAQW3XkPQR9j3BGiC1SZFyx9NmceMelLKzlksqrJGHgYQnPXdo4-LfWzBgQchcgBs5ki9YwynYSozu&sai=AMfl-YQepb2tmxdIFOVivAI4RSC6vvBIPUVC8_2U-0W8UATNGWje2-zmo6-VCwrCMwMdJczL_fIh34EB_u0U_k-WPniOIuaxzX41uM1KqOKTPznw77s7_CA4NJs9L0EZppYixg&sig=Cg0ArKJSzC8qA-Z6a-4NEAE&id=lidar2&mcvt=1000&p=47,560,137,1288&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3914305483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400477555&rpt=1741&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3.071a3bdd9711b74edbd4-video-loader2-cr.js
cdn.avantisvideo.com/js/
22 KB
8 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
vGDGbENE468pAhP.jbDfEWCVTKLZO.Eo
content-encoding
gzip
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 04:50:32 GMT
last-modified
Wed, 10 Aug 2022 07:12:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
59922
etag
W/"97f2ecd515fcc6a9d26763251ef08b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
L5-NXGhbev2gQ1kyrKK0n2qTR_-BG_Y1ESeD3EGPLJdAe0nwT8Mj8g==
sodar
pagead2.googlesyndication.com/pagead/ Frame F87C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=2062035898826899&bg=!ZGelZyPNAAYIxsuQKMY7ACkAdvg8WqOYxaSjRAKf_LJ071YNpPVB7lKMPNKBa9loRhNlurPeYr-iLQIAAAC0UgAAAAJoAQcKAHitYHH3B_heLrHF0zYCUu31wUNw-Yc9KY0dnH5l6UTKpqxzarNNKsn9jt01SptIyFY0ygXBKaLF_TbVmo4iQ6flS1WOBQPyDVjXekGx6Lk4Rw9xGZYwy9XFRkk07BVGw04i2cp9zi39ZPhAgdVR3LmcW4YoQBzhmaaZArwLFNbOaNRtgR0lc6FX0oY-3rZrD4qMeRxVgZfIrcrHlrJeVSwqx4pLunrqHX9n5asug_IzoqDLvrlxjBjo9LWcyX9RKVe24RskVF6UeH28O-yDTqLBrLXZu9zu_YP-9_u833a7SYB4MpFLiPf-jq4eL2auNYOIJ1p00535OXKX3hbprDaJWR8AcBWoCZx5mAftcIPQ9JaKY9R70NDBdW0cdN-srdmCBstHrzWqw14bdL64sk-rYb1l1HQUqCK1PEWfa_tvlJB7zx79l-pQzUsxdIp1Yz1nRQebb5EkWY5YBwpyzktC_z8-hwHmkOT0m9h6CgJh_xKt-YCQ5u1umkPmTtVIK9yoPL5DsRWbBj4Rd48FTQ2uOx1tk-Lpbu2uzH8d_avMqdFOclDQ9nonAiz5s1smEzj-idbYOU04O7CCceoNEujVuH4nS1qq_bNLxFlExrretyE1_5Enkejzmg2PMdP595jCSZNO3JhwScI8bBj3XJiEn7KVLKFaL9Q_01RyhkjwNsmnL5iRQ58wDXDqQgKTiN7iQEBTzwrnfZKBYd6HJVjprlxlcxgIgh3Cj49AuXNDzp1uCdKuWuCCZcsh9X_JskeVI63fUGUMQoVVYU_OSwFc3fPOCj8BjbGXZ7pUCgfJECtlvxlDiBGbQMZD9qrI5j8wPoJ1a4W1pYV74pYRyOkh6uQw2meN3Ma_JJjW_zGKyMnVAAP3Dkhnkuspqn1-lIkqIy475Dz0ZQdNh645tVCG1r2JJNZ39Wa9hdWvtBxm-FrAXl_G-knrkvmRHQCyEjGvJevG6lbe-uiEtXQqY6GRJz1-m86K3649cnjDzfZj8bCmGsJ95UOW_mfw5JGIVgAw1yJlj_3UuOq2ST3yrq-JVd3Dmx56LfzWQy4rFYoYtKrGhnvYNye5e9Ptgg4PJNjn4zx4q92n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 7B4E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudtXGWfapSflwRoe9rspJ8vFdf5Kfq-1S_4DR9yp-ky9MKY4W28IB0dXwmFJnkcuOJhUnRf-QvLX7cu1K2uchBL3sBQEQjFW61IzXWZHJGbKM8IrniEvn3PpdZ18R4qpnZ9QIJmGb_UDtdvXSG-rbvnTcBy8PhVwh6YzG2ObBxNdvqto9F4zQVHAniXHxsXRtx0a-mKw38CvkVKewMkHakY_VU5TyV95iV470qeKjKza2pnzg3MGFcCv-IJI6ewI-ZJVdONfdFeUP5sXlhi1jHrhBO5pvAdCFJiwbBk3irWzDaUrqr3w8x5Cb9gYCfg0b94I--OONq6R32Xk-lGafSZjAxllI1ZG2_cwI3luh30RH8V_A&sai=AMfl-YT0dnHZmaY7R2mIYal2nj8wN9lJ15RbvsuRp2ZRA-udT1qQIRlOO2VqNwMS7ZCjTih6x5N39jIZOzZy_pz3CLsGvZKUk3kXkiyoS-AIgnAOJdEKaWPHgzTngiyY93M3tA&sig=Cg0ArKJSzHC_CUOpT6t1EAE&id=lidar2&mcvt=1000&p=518,970,768,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4293624944&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664400477589&rpt=1766&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7B4E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=3350297505340178&bg=!GBulG1_NAAYIxsuQKMY7ACkAdvg8Wg4iNKL-OVFJJz95w5CVkQkfsTn8d52RA7M-w42mzDpqw8akhgIAAACRUgAAAAJoAQeZAtLTdweaMArYw_Lc3-7nzIKgW00P5VaKXzT2AotsPkPkdaCaheiq509vBdcDzuwPb3rZsEHUNmMaSry1rWf6lIloTxukz5wRRsYsSR9RP66-4DIDNKgsUQaRHgqOMMRtF56Pf9R8gu9d3LiCpznFYizzweW2IpQUEhfAqdIejsvDQpr6k5RcfjYSirpcXwWGFdUTK5x-ZeG6dfC1h2Bx6tJqg-4dbnuIPVCKpXO34m4-PSYw1YqYROhQhHOlHt3YkXSmebl56DWWVLWPe95fI8AAX0vZQA5V3LOPso9PiRfWyMfV5kd8BSKGH8kvZOMpX_18dlW9BYFM_HFLUtJX1bLVRnlkUfyhTy21oQS4e_CJvSs8aZ92ppsL4i3OdnNPWA1o52rivfXkZFhH36jx_t3rTfMBLbHaPjkpJbzdXFyy5uf2lVZLT0P2THpq6BqrWfENlk2Pxp7T32URhNRBqCtb2QG56h9IQa4RFafpnoWWPkk4HeZL9I2eNnVrMHLqrGPv7CiPJ2c_kOvmFTFb4yZuOwlFs_lsoaCqg4OTADdde4RYIASktVT54tCZ1jnnWq7DvWocQx16SNl-GgF_Vc_ZFnv4jAQX7CVX5NavzEuqIFtNS6ZQkVwns4XCQb6w_OgFq9LHHiFRqNdHcsyvxRnJKIeQ32WnvhcoSPyjqogQpdkM9x0uqW0HldOicXyzvE4hGpC-5JnXdXa2lxSk73NKrolh6AgFpUxJzFPSLBCKRvStlbL2LtGN1FBLhI6r4LaWX95DBeg-2JgQ6boldC2xQAZHt8Qc3ZhRcPPbio1WU7eN97l4BEyct4AuTm-tk0tCUEpvzDSuh74meHCmsCYgxiKTrWuyKamhxLtl7Dmy3FjWFwQBqIv3fjgqFiV8ToGGrB_uHpN4tQNuqxCuBflauOSZk4moVDLwGh1bqNjA00_9HXFnB5jXVD_gBFHOgheY9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/
2 B
765 B
Script
General
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.071a3bdd9711b74edbd4-video-loader2-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 28 Sep 2022 21:28:00 GMT
X-GUploader-UploadID
ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-generation
1589462556858294
Content-Type
text/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=cz4mSA==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Expires
Wed, 28 Sep 2022 21:58:00 GMT
aniview.js
player.aniview.com/script/6.1/
28 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
756fc7dbf6e4ba97c61ad14913289b7cda96f360cd385aad2e82f8311d708233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduxuBvuE5dD-iN01fxrlTwz2yGe-CbwetVP0zPwFkZFGD6HP8p3xiAlFKDHZ_az1jtcMC9YbGPp92xKVXnaUuLYfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9907
last-modified
Thu, 22 Sep 2022 10:35:01 GMT
server
UploadServer
etag
"f0b55e7b963e0c631589cbf691100f44"
vary
Accept-Encoding
x-goog-generation
1663842901839103
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=1g9Qig==, md5=8LVee5Y+DGMVicv2kRAPRA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9907
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:33:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 7630
390 KB
111 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtE8nZD_ZWEn3wpzEsdy5oZhYfWtEmfYnL0_9g_xda4kYUEYLgogaZEk5Nhsv8UEX2kZrBk7oSv5NQmZk0bqyKXuFsmiaxj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112390
last-modified
Thu, 22 Sep 2022 10:35:01 GMT
server
UploadServer
etag
"338e56b1f4ce4f7715f277f4b2749547"
vary
Accept-Encoding
x-goog-generation
1663842901832027
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=61SVsA==, md5=M45WsfTOT3cV8nf0snSVRw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112390
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:33:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 1B4F
390 KB
111 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtE8nZD_ZWEn3wpzEsdy5oZhYfWtEmfYnL0_9g_xda4kYUEYLgogaZEk5Nhsv8UEX2kZrBk7oSv5NQmZk0bqyKXuFsmiaxj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
112390
last-modified
Thu, 22 Sep 2022 10:35:01 GMT
server
UploadServer
etag
"338e56b1f4ce4f7715f277f4b2749547"
vary
Accept-Encoding
x-goog-generation
1663842901832027
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=61SVsA==, md5=M45WsfTOT3cV8nf0snSVRw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
112390
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:33:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=4124693949371190&bg=!T0ylTAjNAAYIxsuQKMY7ACkAdvg8WgTkaXxCAVeqCiBcRGC9UwEP5aiGOijbsHYMG1dhvgF5a1pQ4wIAAAECUgAAAAJoAQeZAqzDq_aqqjuju5Xq2NJrwWdBgphwV5Gs-PemBmpn73RBZtvLXCLGwGtS_P6up7WnoBKvTFcucu14vF0TX55ig0xjoXqBhFf1ARAVd_guD9OK3dPnVYkwu7dkWh3mJkzfRqXo7te7k7Re64uCOiKFlxQ8n_edYGIy7Z_gLi3ofRms9IUy8hYdqv6iLFKwqC2BkmVudCSuuZwV2P5INpd2044nr5lJUkbX23LHmSwHAaF4XQGgrzleeO_BPIo6u1EA54-yqUPfQYIEUeJD52vYeU1uPnBuX1LsDnOdrfNp7vIf5qoHc84PsHAuocfMJtx0zj0HA6nbnA1zI4wis1ZHZhT5E4Qxdqpu7dTLqHZX1OI3Gjyf6QJhkOJXNY-1wDLu6zb-8CdxA733zZzt9weo1QC628Cs9GSDZ9cxXCnkRYszRXwl9WpgEh7jYoWs274veLjHrlN1HJ0tNVCITwkkStAvvAhKX-yZe9_7GeYtcwcQzL_cQNIsAmxdn_j9oXt1JMPtcHUG-ymPlf5fkWQOjFYkZsW7Yu0-scHR19tsMCY4zKa46-OWwIO-I0bY5RjwHi8USb4kZLqPU_lu2ZiKqyDSmK_RY35tpK8vGQjpuiVyIAI8yEe4__MKuOC5W9r_OLIJ32-WDHLEEEpzX6HLTMi11oVkBEtjnDca5AjldrHW-ybI_hb3VuSrzQIyPViSSsVVcG-iKn8XobbxNmleqXrqAOJ8hJe7BK61igefAxppm3Bxy3QewoOdPFAn1vM3x7kn-0Jn66-hfawl_M-agP0H4V9aYK0XH6Pkxc5pBO_1vN9wkpiLQMxdpRUL3vpcN4GnCaDZ1TTVI0EeDwVOCjydHoDJg1krY7Fyqesu-Ek9qwD1WW4c1yaXPlBhxq61v9sTPkMqo1xg1IdCEv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 8D31
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=1198021468793358&bg=!wsGlwYXNAAYIxsuQKMY7ACkAdvg8WvACd1PgVrjHQnSIJH4qN8mqFSv09UgPkEfnwCAZektciVQT2gIAAAD5UgAAAAJoAQcKANjHbrPjalaBknZWrCf-MhV-P0Ft1JTiWRFf0O_H94QxnVS8qChBvElPWVyJz575tcfwPzQvtZ9cGzeWSlqysL4B4LlInKIqR2-G1VpbVTV2bBQL3XBZJbYCwmTUEcGuM06-beTBXCopUxTiMHSqK7ehrR4W2Ckhvxxyia8rVVEvKhW-S3QFIIGriPNEV0oeVqKq7SFcwXYP5IwyMyd9e2zbLSRpkaVICQfwlNyHgxeh6OUuskEw24y8BcQDwMdwY4nSNw3O8dXc19Ve4Id9gIiCxFF3Z9_pHD6ZAr3G3mftL_2i3FRWwvlgrAubndwcZCQdVBWfoXGDgrgJyy76Jn6nXnj_L0SuPAod6YQ6T3pOoV5WbrKbEQYx092WcZf8_yT2o81ZcdEkAoviBgIv_a_UlMCkrruUXLw7F4MgIih4_HeyOX6JFzztuxIEnypShV-Kli1xOySGTOPACHUyfEPQ8PKFNo_00qHTav4XhL6j4efPP5pqqTHvfOGc13HCbyAH301uvFA8OB4RA-b7xGh9X2GFjVWIf-wv5_hWrvgAqWobul9w6Py4_Y_w6RHWWVt92mtoCjIGhS3MHtQ0ye1hoJrVqSQ4uuKpPIZoUuoG98dWlY-QvD_S1v2Dl5K6xRG-Lja2-9CO6fYRWsMnjsKRi-zi8msnS7lwmpjgDUXhnqDYc8YHCsVTGj_SDIejiWrTj_2JG79HboDHfe9gJOxzWq88fwW8h8KBGMAS9iAHx6PCg56d7_Qxty6mrd0N67-CqUZmex943uVJJqS2lAuzercvdcjN79ADQ-NL6FN96dpAMCUUOb-_C0r3VUnwI8nFQPOi5uBjyU4IQafpWKpgbJncJioqTnfEl90OtTFnwQP2nriSiDEppkU3t-NPOk9jUKNychV4HR4UsePGRhS_agcYlwODD4t9mR1gA18X9LiQ5e-IORoYGkNtMeBK84U0VtXYJSstAGQ0RG9iTQap1JzUKNIdQ_wJGa1UWuKODL41Z7MoZKn6KAtiglejY36JO7SzDFAOjSaTMksXgTkkUKeWR-FGTLA85yheXz41JKMs1Kd-EqUqpPyHsUMadiDsUTPOI2jcOedYDUjjyuTF7CsYDbZePxrmKLO25aYqc9UOtUW4mxIvjrG1MXLnlds7VJanmnmE-3Ole1vOUmiTD_rAzcaeIcpcz49A6N_bS1-0MDcLv44LEJIHuE0V3gN8Tks6426HPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.56&apppkg=&fv=3&proto=https&clsid=3bbb3ad9-4216-4b2f-8439-0ca7f242d93d&rando=70&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1664400480765
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/
31 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.56&responsive=1&sver=2&avtoken=480764&omv=1.0.1&clsid=3bbb3ad9-4216-4b2f-8439-0ca7f242d93d&rando=70&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1664400480794&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.54.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-54-128.compute-1.amazonaws.com
Software
/
Resource Hash
b7279f55b3278b1e7ff63f25c11c603b28c14e2d34598f592106e8a6baa8268e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 17 Sep 2022 07:41:21 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=4&d36=6.2.56&apppkg=&fv=3&proto=https&clsid=1a485b08-53ec-46cb-b197-21e8cb7282da&rando=46&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1664400480801
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
/
go1.aniview.com/api/adserver/tag/4/
31 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/4/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.56&responsive=1&sver=2&avtoken=480801&omv=1.0.1&clsid=1a485b08-53ec-46cb-b197-21e8cb7282da&rando=46&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1664400480818&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.54.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-54-128.compute-1.amazonaws.com
Software
/
Resource Hash
3f7c2c22d67c17436c519d2541c1acbb865c95f1879b500e79d08bcdb80bc512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 17 Sep 2022 07:41:21 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.149.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-149-87.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 74EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1664400481142-938040147346-007455-009-000192%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=55&key=1043972310513334446
0
38 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=55&key=1043972310513334446
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.147.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-147-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 28 Sep 2022 21:28:01 GMT

Redirect headers

AN-X-Request-Uuid
4cd42a33-bb55-42bd-a330-e707396570e0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 21:28:01 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=55&key=1043972310513334446
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
pixel
ap.lijit.com/ Frame AF10
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:28:01 GMT
X-Sovrn-Pod
ad_ap3ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 8BC9
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Wed, 28 Sep 2022 21:28:01 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
services
sync.technoratimedia.com/ Frame 8383
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1664400481142-938040147346-007455-009-000192&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.123greetings.com/
age
0
date
Wed, 28 Sep 2022 21:28:01 GMT
server
nginx
via
1.1 varnish
x-varnish
284312262
cookiesyncendpoint
sync.aniview.com/ Frame A6B1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=200&key=OPTOUT
0
199 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.147.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-147-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 28 Sep 2022 21:28:01 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 28 Sep 2022 21:28:01 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1664400481142-938040147346-007455-009-000192&biddername=200&key=OPTOUT
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7845
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23214
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 21:28:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
csync.loopme.me/ Frame F5C0
0
0
Document
General
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
751f9100ae039b4b-FRA
date
Wed, 28 Sep 2022 21:28:01 GMT
server
cloudflare
cm
u.openx.net/w/1.0/ Frame 3CFF
43 B
304 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Wed, 28 Sep 2022 21:28:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B4F
174 KB
55 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsyzz6SkDyx09QUSKvLVOMwfVZt3Spy4OIixHYzz5__nDGzdmgAP2XQbuvWuT8zIKwYQ4hFkvazfveJCBprqx6yyTE4rQ2B
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1795de334800689d8e696cd76eb42c2c"
vary
Accept-Encoding
x-goog-generation
1663842902451355
x-goog-hash
crc32c=mLxcag==, md5=F5XeM0gAaJ2OaWzXbrQsLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B4F
70 KB
24 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdshlY1kK37ickf7xpLqO08yEY5i8kxpldeq12a9wsynMZzKKunT6mOTlPHHDBj83IvtgnV3lfZHq3pr7mU1v1No2OX357gn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"b45baf218cc998a9875aeed985913ffc"
vary
Accept-Encoding
x-goog-generation
1663842902483554
x-goog-hash
crc32c=FyjiGw==, md5=tFuvIYzJmKmHWu7ZhZE//A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B4F
62 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtk35PcAkoiFBqaFuAS23MfWpTEp8tZP9oLuRnnofWZSWxnzXlCMHVK7ScJH4mTDsvKhJFzTFM4L8j4EoZQQsLOzQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1b4766e0324b00513af07d0731e996b7"
vary
Accept-Encoding
x-goog-generation
1663842902531685
x-goog-hash
crc32c=VcLHxw==, md5=G0dm4DJLAFE68H0HMemWtw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B4F
62 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduTCaQd_W097eJnZTdFndc5Ve3UmRj6FKdzU2-Uv8Vb1hHtWlDfYkrwArMyM1xwvfcDWgPEwoyiIylOCTvUQ9HRofQZUO68
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"429da441cdf3ad7efeffd1db9edca615"
vary
Accept-Encoding
x-goog-generation
1663842902580838
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=aaVRzw==, md5=Qp2kQc3zrX7+/9HbntymFQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19946
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:33:01 GMT
adServe.do
web.ssp.yahoo.com/admax/
240 B
276 B
Fetch
General
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=338&wd=600&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=4400481273&imp_id=77fb8fa9-f571-450a-9b18-0e5533e9d9cf
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
ib.adnxs.com/
85 B
777 B
Fetch
General
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&us_privacy=1---&cbb=4400481276&imp_id=77fb8fa9-f571-450a-9b18-0e5533e9d9cf
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:01 GMT
AN-X-Request-Uuid
bf341a8e-6bf6-40c9-b4f7-c115dbb42397
Server
nginx/1.21.3
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1664400481142-938040147346-007455-009-000192&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.238.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-238-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 21:28:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.238.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-238-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 21:28:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=85743&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1664400481142-938040147346-007455-009-000192&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=42112260267&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1664400481278&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62d3f4e0d8665b0ec66c9327%2C62b86e392f65d47a516f6f3b%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.3%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=85743&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1664400481142-938040147346-007455-009-000192&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=42112260267&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1664400481278&asid=62b1a8beecf705053613baa5%2C6250243f0f4db040a1785fc9%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526&ofpr=%2C5%2C%2C4&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400481239&oz_l=167&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:28:01 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7630
174 KB
55 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsyzz6SkDyx09QUSKvLVOMwfVZt3Spy4OIixHYzz5__nDGzdmgAP2XQbuvWuT8zIKwYQ4hFkvazfveJCBprqx6yyTE4rQ2B
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55752
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1795de334800689d8e696cd76eb42c2c"
vary
Accept-Encoding
x-goog-generation
1663842902451355
x-goog-hash
crc32c=mLxcag==, md5=F5XeM0gAaJ2OaWzXbrQsLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55752
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7630
70 KB
24 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdshlY1kK37ickf7xpLqO08yEY5i8kxpldeq12a9wsynMZzKKunT6mOTlPHHDBj83IvtgnV3lfZHq3pr7mU1v1No2OX357gn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"b45baf218cc998a9875aeed985913ffc"
vary
Accept-Encoding
x-goog-generation
1663842902483554
x-goog-hash
crc32c=FyjiGw==, md5=tFuvIYzJmKmHWu7ZhZE//A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
23786
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7630
62 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtk35PcAkoiFBqaFuAS23MfWpTEp8tZP9oLuRnnofWZSWxnzXlCMHVK7ScJH4mTDsvKhJFzTFM4L8j4EoZQQsLOzQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"1b4766e0324b00513af07d0731e996b7"
vary
Accept-Encoding
x-goog-generation
1663842902531685
x-goog-hash
crc32c=VcLHxw==, md5=G0dm4DJLAFE68H0HMemWtw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Sep 2022 21:33:01 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7630
62 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduTCaQd_W097eJnZTdFndc5Ve3UmRj6FKdzU2-Uv8Vb1hHtWlDfYkrwArMyM1xwvfcDWgPEwoyiIylOCTvUQ9HRofQZUO68
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Thu, 22 Sep 2022 10:35:02 GMT
server
UploadServer
etag
"429da441cdf3ad7efeffd1db9edca615"
vary
Accept-Encoding
x-goog-generation
1663842902580838
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=aaVRzw==, md5=Qp2kQc3zrX7+/9HbntymFQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19946
accept-ranges
bytes
expires
Wed, 28 Sep 2022 21:33:01 GMT
adServe.do
web.ssp.yahoo.com/admax/
240 B
546 B
Fetch
General
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=225&wd=400&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=4400481351&imp_id=d7272023-a2b1-4090-ad7c-afc762f81bb2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
ib.adnxs.com/
85 B
777 B
Fetch
General
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&us_privacy=1---&cbb=4400481357&imp_id=d7272023-a2b1-4090-ad7c-afc762f81bb2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:01 GMT
AN-X-Request-Uuid
ed36aba3-43bd-4623-a024-89b8c0d635f7
Server
nginx/1.21.3
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=71019&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1664400481142-976105147346-007796-013-001026&cha=0.1&stagid=&stplid=&d35=&d36=6.2.56&cb=54516217359&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1664400481360&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62d3f4e0d8665b0ec66c9327%2C62b86e392f65d47a516f6f3b%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.3%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=71019&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1664400481142-976105147346-007796-013-001026&cha=0.1&stagid=&stplid=&d35=&d36=6.2.56&cb=54516217359&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1664400481360&asid=62b1a8beecf705053613baa5%2C6250243f0f4db040a1785fc9%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526&ofpr=%2C5%2C%2C4&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 28 Sep 2022 21:28:01 GMT
server
ATS/9.1.10.25
translator
hbopenbid.pubmatic.com/
0
63 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Wed, 28 Sep 2022 21:27:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
19 B
867 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:01 GMT
AN-X-Request-Uuid
98848896-9d1e-4349-9f54-cf1bb9e4098a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
110 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Wed, 28 Sep 2022 21:28:01 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/
949 B
1 KB
XHR
General
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=07675a7b-9f1c-46f0-a1c0-fca9da158be1&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9dd9:f05f:3895:fccb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.123greetings.com
content-type
text/html;charset=utf-8
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-language
en
content-length
949
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
413 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
020debc26e5037a0280187fbc92024cf2fa34f156379d470647a56b929e67717

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
574 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211f8b1936a36811%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e8b42ae145a8138e61d4a85%7C6114f476dd0eb2621e735342%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221282409d0d136fe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22tid%22%3A%224a02685f-3357-4761-a935-b0bd8760dc2a%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06c9414f4954c9c5465d0b3969092a6d555df253f96a2bb943ecc7c6d6d65dc

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy%2BdvOQTTyoo%2BY2iao0MStaznkUMkfqgkaVELVYewb1jLKjCmhF2ku5Lke%2BvtQMv%2BFOc6U8GHI%2Fkx1%2FXJWzhobzpSMmHqdGFBjWU3RRczQJVz6mKAAyDhOjHqCnazDYasNNDpPN9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751f9101dc2a5b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
413 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
594d5c220d9e2475ddc3951963c913ef59cf0d9ad19acd21a1089a71470ad361

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
410 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
34012b5aa4237f7fa25f5d6a9322eefcd002a5a4855861bfbe82af597eaa9014

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
expires
0
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PugMaster
image6.pubmatic.com/AdServer/ Frame 7845
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87234072&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1664400481142-938040147346-007455-009-000192%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:00 GMT
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.123greetings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.123greetings.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 28 Sep 2022 21:28:01 GMT
server
ATS/9.1.10.25
pbjs
htlb.casalemedia.com/openrtb/
36 B
314 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221aefa3baff66b6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e8b42ae145a8138e61d4a85%7C6114f476dd0eb2621e735342%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222433bda8fd9aa3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22tid%22%3A%225ef300c8-b3de-416f-8d9f-2b5ae3a08413%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fef9340b119e69f3b730bc1990d24caf43df26808149990bd4d990c0d33c21

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEwWa%2BjG3Sl3iayPZTTmq7wM%2BkmzNDIclpJMxvCgMYAkzWSBdZOS9E%2FXsR7dv%2FS8EU5f4JE91A%2F6VS0R49KfAOkwssjPqnGorjm1VqnogwYNX49pu8MDZt2nuvxmh1KaltAhHO2c"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751f9101dc2b5b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
19 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Wed, 28 Sep 2022 21:28:01 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
413 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
81fc610f088b996f153274fe809d35de21dac62c003e811ba219a309a5789b06

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
414 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1dec7587a0cb84daddf5db33908f0355d81734ee5a15e4fefb5ab8dcdaffa9c2

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
412 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.135.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bddb4c94502bffb5fbebdfb898f35d72e2811b022a563700555be90bd81f45aa

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/
0
119 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Wed, 28 Sep 2022 21:28:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
tag
p4dt2-ha1hf.ads.tremorhub.com/ad/
949 B
1 KB
XHR
General
Full URL
https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=4be6851c-6ba3-4666-a60a-507e734c15f4&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:9dd9:f05f:3895:fccb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.123greetings.com
content-type
text/html;charset=utf-8
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-language
en
content-length
949
prebid
ib.adnxs.com/ut/v3/
19 B
867 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:01 GMT
AN-X-Request-Uuid
2c138084-344f-4ad0-b0f7-75e7bf17dcc6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=71019&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1664400481142-976105147346-007796-013-001026&cha=0.1&stagid=&stplid=&d35=&d36=6.2.56&cb=54516217359&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1664400481885&asid=6102687900a33569ec0d3097%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=71019&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1664400481142-976105147346-007796-013-001026&cha=0.1&stagid=&stplid=&d35=&d36=6.2.56&cb=54516217359&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1664400481885&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=85743&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1664400481142-938040147346-007455-009-000192&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=42112260267&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1664400481948&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=85743&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1664400481142-938040147346-007455-009-000192&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=42112260267&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1664400481948&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.html
eus.rubiconproject.com/ Frame C4BD
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 21:28:02 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 20A4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1664400481592
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 965D
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 21:28:02 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4A11
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56624
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 28 Sep 2022 21:28:02 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 941133
X-Served-By
cache-lga21951-LGA, cache-hhn4029-HHN
X-Timer
S1664400483.513363,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D130
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23213
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 21:28:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9F0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23213
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 21:28:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9E81
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1664400481523
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7A3A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56624
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 28 Sep 2022 21:28:02 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 941134
X-Served-By
cache-lga21951-LGA, cache-hhn4029-HHN
X-Timer
S1664400483.554502,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0824
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.123greetings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 21:28:02 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame C4BD
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 21:28:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55445
Connection
keep-alive
Content-Length
9421
Expires
Thu, 29 Sep 2022 12:52:07 GMT
async_usersync
ib.adnxs.com/ Frame 4A11
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:02 GMT
AN-X-Request-Uuid
371603d7-e22f-4e6c-b911-46e522f9d2db
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 701F
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d9066eb64fdf1c66b1624e0c5998bd844b42d93d93b241f2f7b0dad33ed856

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751f91085f0f9034-FRA
content-encoding
br
content-type
text/html
date
Wed, 28 Sep 2022 21:28:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUEF9FuTuKmXWrp0UqvaRivTs8H8Xo5UfpUeKOI677SN4pr5cf0rBbLSVS%2BKRQ5RG%2FeEG9fyOnaaYBmFQo%2Fo90ejTJ3xYAFpD9PezvDZ4qZSnmCsD3bMkMm7g4%2BQ5FPsM%2FmWRPypz1wtwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 7A3A
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:02 GMT
AN-X-Request-Uuid
938d360a-afdd-4f51-b877-94ec35db0ed2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E515
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3706602f68402fd327823936f61a6bd4df4ea7205f918138d2bc814b73be319

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751f91089f9a9034-FRA
content-encoding
br
content-type
text/html
date
Wed, 28 Sep 2022 21:28:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw%2B5ISWw%2BgNmsPHF4yIw2htstXMYArKxFYZxBmr2qUaey6LhcF3qib0DvsANEim%2FHOE5NffIyRhkGFys7RiojS%2Fi0KD24AteHOPNmCAA1cZT2y0bfrYZ7qcvR23ok%2Fy4NUr2gortI0uReA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.jpg
token.rubiconproject.com/ Frame C4BD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 701F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzS8Xw7Qeh2WBexpstRoeQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxBMe1Ey-v0fF1HEHZ6PFo&google_cver=1
43 B
877 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxBMe1Ey-v0fF1HEHZ6PFo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRsVhG2fFHHzwPDfSjBwy4B75ce4oiAXqqohNjixAvkRoh6BA%2FpmEblKajp9KsUq5WRGJPIUT0X7Ex74e55nh7iZizB9zfrjTBengqGs6WnAWxAZNIJmQ%2Bba2twQvAIwCyAjZ9wyyUcjHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f910b4e529229-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxBMe1Ey-v0fF1HEHZ6PFo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 701F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 701F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
43 B
839 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUPeeZuHsCxBaydxLogMznob05jfXlO8lLZBsZEIqIbBUTdRNip19wZY3e6%2FjLZBsF52qScHA%2B8lCgjelTL1JcPNWh7kq9vLbbloVyoT3YMeXdKzyN0pUwBai52cHHWmoPtXBX4DR4ZnbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f910979669034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 701F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K76H1Z689W9R4HS7G4ZE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1V8ZJ31P72EDAE2FBVVB
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 701F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:7b20:c0b4:a1ec:b67a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
date
Wed, 28 Sep 2022 21:28:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 701F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
840 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FyM4dipOvEwixBw7QHTjpicuCJhURfbrLqKT0n1TpQLYW9sXGrCanyNjZMrVSRzFiqwCqF5MWvkXLjCTlEbcHLJytshfwjwt9WOa4vszQ6eP9YO68QQsULO6abfryS1CVbtzNkPG8pvmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f910b4e4f9229-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 28 Sep 2022 21:28:02 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
indexexchange
sync.adotmob.com/cookie/ Frame 701F
0
0

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 701F
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 28 Sep 2022 21:28:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 701F
43 B
351 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzS8Xw7Qeh2WBexpstRoeQAA%261210
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
141
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
751f9109dc0e9b46-FRA
content-length
43
expires
Thu, 29 Sep 2022 01:28:02 GMT
crum
dsum-sec.casalemedia.com/ Frame E515
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1043972310513334446
43 B
878 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1043972310513334446
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2kYuHO6ajCEkC9I653Ja24HroYEBdjX5mnepIJfOYZ7knpio6Afl7%2F3gXr5CvB2SZ1KMRkTe9es7oaCLRQyyYKjOUcalNqCL8gYpnhdaYX%2FvDudWf2%2FU56s68KEg4jEeQmoU52QuCC0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f9109be71902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:02 GMT
AN-X-Request-Uuid
9a2c8f2f-6441-4bcc-96fa-1fdd579d7af2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1043972310513334446
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E515
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7b20:c0b4:a1ec:b67a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame E515
0
177 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664400483.854163,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4046-HHN
ie
match.prod.bidr.io/cookie-sync/ Frame E515
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.196.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-196-36.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame E515
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame E515
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=04b2d0c1-47d8-4d91-a183-365fdb2daf2f
43 B
329 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=04b2d0c1-47d8-4d91-a183-365fdb2daf2f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6WZtsElDeb71gAew6WbUzNnJwnBAM3TlZqGnfdwVF0FLjscBvmJ908AgrzqvN%2BkfPvN%2Bz307IJDXnZwpoo8wUddDJ8YxRjrkhZ6%2BlyWGN%2B8Ey9R7SbqfCveKgWz74JnjTcL7MM3DQbrzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f910a0eef902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=04b2d0c1-47d8-4d91-a183-365fdb2daf2f
date
Wed, 28 Sep 2022 21:28:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame E515
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=K6XU03_10oEwptbXKKXK3njyhdcwpteBeKTHLlTe
43 B
425 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=K6XU03_10oEwptbXKKXK3njyhdcwpteBeKTHLlTe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKKR3RFCjv3aQ%2B5LauB3zl%2B29o4wougQ0HLnDYHILLLVnkXJrlI%2Ft%2F7tCRLj5NvKdzIEmRHMjnRMxxtf5%2BgbXpIFDbMCCJZyNFiVKUg26qHJVAOQx8cnid%2F3w7GD7EG54PAAWrxC%2BGMF4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f9109be72902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=K6XU03_10oEwptbXKKXK3njyhdcwpteBeKTHLlTe
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E515
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzS8Xw7Qeh2WBexpstRoeQAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
43 B
837 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IeES3dqi55Xupdbgj6NqkRrxWQ8CDeLb%2FBd85im2DIkaQGKdNGRdT0SzcmNZFip9wvUEmzRFX6txK7sSoS1Cobo23aEs6SRAyy2kV2ZPNimgQneSiwrxd7U9tw%2Bw3BXGoK0ltssTcQN2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751f9109999d9034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 21:28:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMeC0rzMFvFA84MC2AXUgdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame E515
43 B
102 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzS8Xw7Qeh2WBexpstRoeQAA%261210
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:28:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
141
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
751f9109dc169b46-FRA
content-length
43
expires
Thu, 29 Sep 2022 01:28:02 GMT
postback
s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/
0
145 B
XHR
General
Full URL
https://s.gk.123greetings.com/2/2.69.3/945541/AYpsZ8oCEeWpYCLF/postback?pd=mkt&mo=0&si=main&ci=945541&dt=9455411658248091559000&sid=AYpsZ8oCEeWpYCLF&oz_sc=99984eec906a0a65aa8b58e2&oz_df=1664400482984&oz_l=327&cv=3
Requested by
Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.69.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Sep 2022 21:28:02 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 4A11
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:03 GMT
AN-X-Request-Uuid
c8d86769-1195-40d8-9d2a-3308b3dc52da
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7A3A
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 21:28:03 GMT
AN-X-Request-Uuid
4388782e-e661-4cf9-87b7-6aa47cfcb826
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/
0
93 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=71019&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1664400481142-976105147346-007796-013-001026&cha=0.1&stagid=&stplid=&d35=&d36=6.2.56&cb=54516217359&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:28:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=85743&t=1664400481&cip=80.255.7.106&sn=&tgt=0&osv=10&bv=106.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1664400481142-938040147346-007455-009-000192&cha=0.7&stagid=&stplid=&d35=&d36=6.2.56&cb=42112260267&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.26.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-26-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:28:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
all
csm.eu.criteo.net/ Frame 0C60
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9XkBr6drzWUpFfAIESG1IXxEgJodxEpGWwA1IQIkn6Ocyk4-9Aj2kffvmTSFtZdH1JrzW2GYVuJ1btoS4fSZmGyV9BZFfuKIa_gp9TDSBC4nmitDkqLS2e5GhkEzGpmyOMvR9b6JSxg1m3PbmbtBblkJRyhpadISafOyGUQZv1CXRqAZU3vVrslSbgVOjtbaWGhXLOlWu3kdyG_ow0EpE9Jd8UmU__p0OPzMY5DH2vGlHMGQBtBhSgrbKxzPANbPS68iYA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAC8XcK7dOLAA-Psp000LfD4k7M9Hlcyg&u=%7CrqjC%2FsrpJIsKH2UxXlvi3QfQErFe5CLkw8Al%2B5QiZqM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi0qrQ_eQyl4yyleTplIod3tYS02TMn5oRB9uRoAGrObNxQNCeGlZMM3Vi5cfpksTvYT8pqlJE0rHfkCqQWD-bsoJyTOKm9SYQfjdBeYhsv-HHGysGpvd4K69yK1SRh3-868poQdOooFm0hhYNPWRr3HJJqfOvKTBzpIgZ69WL_gF9SbdVHN5iznb1lU8-88L6QdDhxXHB3O9VWjWCMrCTeNzwJRevsXPwBNTSDErv7QVDtq1rlYyqJzmet2aPwCNlInpz0jW7am05XKnSOpwYxzHvs0W4ldyyki0NrWKs8xp8lXccLYjvPX7zv9pGlMDb2yhesWv0Sn3cZHIbdKXGeKh5S8i-1F1ODapiei4EY5u2AwddTL740-qvKAaTeUwiLfKdlbU48jsG4X8dXnBxbXQkAsf3GOR577cuGt0qojK1fYXiCrdo-rhFdnT_PeLNbCJxpLuUYYdBM4yssmNd4ES9g1DlSxwmZWtF1nKn7KTABhBsECtWw6KHVCdB4OdtbSDYLbb75AMLLxZG-41i7yTw3fC2ENCx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO4sKXrw0Y_fiC4untweyn76oDcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTeAU_QoymPVlrAyLARWeuDaOkJie4PLwigaroInnjYSK4lDqhxd71yaLBCQNbFeMVd4OUgTZsNeh_Y6bgNjKYH7OFZsGptUPuJEHYiUZG8whmvFh95cq6qomsXOM5k5PfOpsvZR0LBfcw-_cRXzvJJlBexr0-qVnrm_bn6o_KT58C0zn0352coj26gzKhwYzGJ4QeN3yjWqlnWcGOeZs1RH-XdzD5nthRTFIPrQTzghzLNLeFjjjkOz7CQxADgW04JI4LGPpqeE-aWAasUJJ_yoSCtD5WZ23KAzfYeiH1DEoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0idRV0DAX4ResYZJCsyfwDLKaV8A%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:28:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 8BFF
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fD1VVqdrzWUpFfAI1FL7ahwNtiQqiouOi8xw_eWkrTS7d_OmrpUgm73BR6G4aVzqbkk7WA0kQY_PlvHcbwDZRS_K6Ii0MMJOf2PGpD0uomQv0mGRHwpB2bF5Y2ieia_wEFBBp-fRd8LLthyxjH8pBcRqpdyjTPFPk2G0MCGE_v7DCS15MQwTGaKDVRsuUgt1llEeW_BsYwKZcltaw-DII5afRNtuYjIXAV6Y6xhNOvWrLzBqYGWwzSO8Comc3G8u11iwNw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzS8XgAFUZYK7doCAAmwTEOI8xyIDSnxJYjMzg&u=%7CrqjC%2FsrpJIthYnDWPU2pWiy0Zz2%2BhBafi8NH3RQebBA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZetDT5vPMn_ZE3G80Aky7oG5BIfZwsREssImGZTaEeijl9wZpQTzFqgEuSbRMusSxGVis4O5LGFiUdmBxMg7jHNFafdUYZw3APyIVXF6Xsn033xH5rgLOUquBrkfMkuP4FM9KL-n_rtdsYvo_hF7izL3NwmtoIMOaE3cqyu1ef9EhTdToEkIeA4v2Vecvs9Kt4xdUV65S-wTwOS8n7s3I3sGq5dxh58sT224FdMYL4DyDZ5BR_y2f4mvvPRA0DnSbRlQy5anq0fyf41UhPBbvk0w73b425PUAfAhnIc1gZNfruD3WKNwYBNidxVwYXPrDhs66LMhrS-z5OxhdzcZb1mYJq_uCPdvbW28LRNWsxvov11nHVtaHnmXmJ-aTmfDTaSodb3dCQHM7rLUreBKx8m5Zn-HUYdlu5QIwsXGMXLrIY_s3wKSS0a6hnATowrA_UHDVLTeCozM429aZ-BzIfgwgKGDI5tNQ-OgjBrI4QrXwifWxsIdm53QpM2mdnVN9Q3SIGUtNlAZPUV-CNhtsDEUQdcOoFo3zryKsRf3FNXGsJMI4WfP-C0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiP_IXrw0Y5ajFYK0twfM4KbIDsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDYyNzUxNzY4MDI0OTY3MKAB1bbS6gPIAQmpAugQCOiXH7A-qAMBqgTiAU_QuMcDh7jbbzJVPWMh2eMRYJT9hWRdzdooSQD18__xUsoiOHm5sDfMBDq50RG9g9v9kmAD9wRnTUOkiSKo6nVhVEdnNWri9GpE0Cu8wv_wcqTO2Rl0WRF0fd9LckfCx1Xd_3NXBD-X2sz_VeCi-YatPpv99ajUAUYb9DNDpCMhOGQLuagqcMI-y8v_gBufQ1S9YFSsE4f5ajeEBEcjxRmJCqWQt34FusvGDLSnQdcdee6_1_8JhlgJvlNrcBG1DauydV7Oi4RwfGqCniXQNPsAnNyBDfy8iyhxFOS0zwZOrbuABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1qjQOvvvZayuNQ93PeT0UR5HxfHw%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 21:28:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d

Verdicts & Comments Add Verdict or Comment

473 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getCookieVal number| adHideCtr number| isMobile string| HUMANScriptURI object| hmn_script object| dataLayer function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| json_path object| dataArr object| userdataArr object| newest_id_arr object| latest_id_arr object| videos_id_arr object| postcards_id_arr object| animated_id_arr object| rating_id_arr object| views_id_arr object| curshow_id_arr string| disp_by number| disp_count function| subcategory_init function| fetchData function| manageData function| showHTML function| showPaging function| showSortPanel function| do_LatestAlgo function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n string| cat_q1 string| sub_cat_q1 string| page_url string| site_rtn_overlay object| adsbygoogle function| gtag object| jQuery1111010803608099120043 object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends function| onYouTubeIframeAPIReady object| gaGlobal object| config_data object| __buffer object| gaplugins object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint boolean| ozoki_sv object| $$$ function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| saved_tc string| saved_sc string| ________ok boolean| isHuman function| miCallback object| google_llp number| google_lpabyc number| offset number| end boolean| isopen boolean| flag object| boxFunc object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| avntsWebpackJsonp number| avnts_player object| avntsQ function| avPlayer object| storageAni

46 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: _ga_47Q5QDHYDP
Value: GS1.1.1664400475.1.0.1664400475.0.0.0
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=0
.123greetings.com/ Name: _ga
Value: GA1.2.92393879.1664400475
.123greetings.com/ Name: _gid
Value: GA1.2.1673547802.1664400475
.123greetings.com/ Name: _gat_gtag_UA_5085183_1
Value: 1
.trkn.us/ Name: barometric[cuid]
Value: cuid_1c228fc5-7e52-4f46-8406-d545d1f40792
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkiqPDAX3-PsojIzrxn0G_UdiHp0LDmJh4kB3KFoptI3fDRALpkoVPk0sby
.123greetings.com/ Name: cnFbAtkn
Value:
.3lift.com/ Name: tluid
Value: 4226414827570346164837
.simpli.fi/ Name: suid
Value: BDAEB7AEF484418FB27FCA9A7E7BF8A5
.w55c.net/ Name: wfivefivec
Value: nAuFs0We1ODEB05
.bidswitch.net/ Name: tuuid
Value: a4a11827-c660-4150-8195-cbf0c20b3ce6
.bidswitch.net/ Name: c
Value: 1664400478
.bidswitch.net/ Name: tuuid_lu
Value: 1664400478
.w55c.net/ Name: matchgoogle
Value: 5
.123greetings.com/ Name: __gads
Value: ID=882ba1a421662b8a-22cf9d7b32ce0093:T=1664400475:RT=1664400478:S=ALNI_Mbftz2gDFKEQeNAID5HLyYX2MlqLg
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjEzNzU2MDQxMhLiM9SNTw6Ncg7OSE2LDE0DAIyfCW4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZiYmBgYm5hbmQCANizluQQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjEzNzU2MDQxMhLiM9SNTw6Ncg7OSE2LDE0DAIyfCW4lAAAA
.lijit.com/ Name: ljt_reader
Value: FZMnrGZHQbS9_UglRQa9cN6S
.quantserve.com/ Name: mc
Value: 6334bc5f-01053-9edb0-00fe2
.casalemedia.com/ Name: CMID
Value: YzS8Xw7Qeh2WBexpstRoeQAA
.casalemedia.com/ Name: CMPS
Value: 1210
.casalemedia.com/ Name: CMPRO
Value: 1210
.adfarm1.adition.com/ Name: UserID1
Value: 7148545624752388239
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.7748757131521058303
.360yield.com/ Name: tuuid
Value: f2a3a6de-5912-45ec-99a2-64de370deb9e
.360yield.com/ Name: tuuid_lu
Value: 1664400479
.turn.com/ Name: uid
Value: 7103699436920053111
.adform.net/ Name: uid
Value: 3814224514059248361
.yahoo.com/ Name: A3
Value: d=AQABBF-8NGMCEGMmdhY43YW-h7xdJ1pWiPEFEgEBAQENNmM-YwAAAAAA_eMAAA&S=AQAAAme-t9uM2Su5b80kX7ZLjdE
.scoota.co/ Name: tuuid
Value: b7186ea7-70b7-4f1f-877b-627745966963
.scoota.co/ Name: c
Value: 1664400479
.scoota.co/ Name: tuuid_lu
Value: 1664400479
.aniview.com/ Name: aniC
Value:
.adnxs.com/ Name: uuid2
Value: 1043972310513334446
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27f9:175w~27f9"
.quantserve.com/ Name: d
Value: ECABEAGaJ4EK_fsQ
.casalemedia.com/ Name: CMTS
Value: 1178
.amazon-adsystem.com/ Name: ad-id
Value: A4MuzNXmXEHmkcnwalkTh9c
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

9 Console Messages

Source Level URL
Text
worker error URL: blob:https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3
Message:
Mixed Content: The page at 'blob:https://www.123greetings.com/4378b3b0-9fae-48ff-9ac0-1894b2ff5aa3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other warning URL: uuid-in-package:4d450be1-4a3c-c781-0a78-c7814a3c4d45
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=4be6851c-6ba3-4666-a60a-507e734c15f4&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=07675a7b-9f1c-46f0-a1c0-fca9da158be1&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frosh_hashanah%2Fhappy%2F&hb=1&fmt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d450be1-4a3c-c781-0a78-c7814a3c4d45
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
avm.avantisvideo.com
c.123g.us
c1.adform.net
c2shb.pubgw.yahoo.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.indexww.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events1.avantisvideo.com
fonts.googleapis.com
go1.aniview.com
googleads.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
p4dt2-ha1hf.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
r.scoota.co
r.turn.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.gk.123greetings.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.technoratimedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
web.ssp.yahoo.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.y1hc8.com
x.bidswitch.net
sync.adotmob.com

104.18.18.126
104.18.19.126
13.32.121.69
135.125.160.160
142.250.74.194
15.197.193.217
150.136.156.92
151.101.2.49
151.101.65.108
178.250.0.139
178.250.0.162
178.250.2.148
18.156.0.31
18.156.195.47
18.203.209.222
184.72.244.154
185.86.137.107
185.89.210.153
185.89.211.116
193.0.160.128
198.47.127.19
198.47.127.22
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.54.182.161
213.155.156.184
213.19.147.45
23.205.235.133
23.35.236.201
23.35.236.247
2600:1f18:612b:4216:9dd9:f05f:3895:fccb
2600:9000:20eb:a00:8:9ed9:9c40:93a1
2600:9000:20eb:c00:1b:5138:8a40:93a1
2600:9000:20eb:f000:3:748e:7940:93a1
2600:9000:21f3:0:1c:38a0:8a40:93a1
2600:9000:21f3:1800:1e:a43d:b640:93a1
2606:4700:20::ac43:4a81
2606:4700::6812:c4c
2606:4700::6813:ad6c
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2001
2a00:1450:4001:803::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9c
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2003
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3605:7b20:c0b4:a1ec:b67a
3.124.238.184
3.220.26.216
3.226.147.34
34.192.54.128
34.95.81.168
35.156.104.29
35.186.253.211
35.204.74.118
35.244.159.8
37.157.3.30
51.75.86.98
52.19.188.75
52.212.196.36
52.28.203.152
52.29.135.93
54.247.130.124
54.68.149.87
54.85.238.249
66.155.71.149
69.173.144.138
72.251.249.9
76.223.111.18
8.248.115.252
85.114.159.118
017c8713fe12870613b27cdee8abd80a454f2081796a76e68d0801464c1b5dd7
020debc26e5037a0280187fbc92024cf2fa34f156379d470647a56b929e67717
02fc09dfabfbab52f8760422f0e2f1d8a5009cfee409e7e03effdc567579f681
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d3f721e943815bfdc65b1414ad130b9a6c5c3c6d9d43765ef0cb0f706ef7be
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bafb8c50bab0f042df1ae5a175a5d24c505ab576b2e2437b6ef737e89c868d2
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0ddeadca43a405855a40c8dae3b1c3335a742811130d425cffd24b2e20ea5ee1
0e340f6ed5109c33a4ceca3604a29b756e9381690ad61b26b8d396e4af98fda3
10e1099c7f31c2c63f5d5ad93caaf3f19145aff446b4ecaa0f0981bb3f52333d
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
13fef9340b119e69f3b730bc1990d24caf43df26808149990bd4d990c0d33c21
162c160474f788f2c92dcbd6c6a1435069cbd5598b22053d4987b6f8d3537490
17ce28cba43ecd76593fa63ea63d08e6467dc30f45b4ebbcf2888db381442ae8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1e3dbb8b498c8f65ed22dcf127a9c1bb2ae2b506d1dd85e2353e45f06c3bff
1b75babd3bcb84ae9e6929cd17f526c88033b02a129bc1f4eb55b2487b965fed
1cfe5746107715b9c9a66f5c836d63f0422ee6958122238b8c7672555dc7d3ef
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1dec7587a0cb84daddf5db33908f0355d81734ee5a15e4fefb5ab8dcdaffa9c2
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267
217ed34b4df7985a6593e0d3eb20580c1d42f4f871413f6880678cfc5c250c82
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
29f6a2e5af4a6424012bc3af72ccaba05ede92d95be80060ac91f3e9b9aa2139
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2b5d7d9ce81b9e387c1aedc4b12c6f084f3ec0cc4c8da0ed9719670425522b4e
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
334cd7dafed92e911bb67b44c45ab69242b70b6de637231dd3ef2e11933cbdfc
34012b5aa4237f7fa25f5d6a9322eefcd002a5a4855861bfbe82af597eaa9014
345bea28d2b68dc19a4ad95071e2ef30dd61ae02390e3c59aa0db8594aceb07a
36068a5436fcbd3405d7397e52847f1685a9c3e7405fd539bed3a4900be2bf7f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5
399eb3aa5d013200e6aea82a93c94913fd6847c08d84feca11777719d63f7d31
3c9fcd410ceee4d62d9fa2a46f8726de356198cd30fa4a75e9651ffe9cdd932e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e447ddad010867309736734922344a126c573fc8443dd5bd3f5a4d94fbce5b5
3f7c2c22d67c17436c519d2541c1acbb865c95f1879b500e79d08bcdb80bc512
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4067fa7b89da68b7737eda7e49aab9ffd96f3bbacb399c1e5283aab4f952344f
418daae1b2eff2e9698e406734dc5b7ddbdc01149ad02918412fd7d4860b30d8
41ae310adf9acc8bb81413402a18d09a7ae74973f5426cf1c9c000a1dc780ddb
4213686927dc916987c578d8c366553e29e9af8c2079142d37a5f8f281fc2252
4305820c2591d929e5192c467fe383be8991c9fc5e87181b65e001abb5ac825f
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
43e4a982f0a7871730e0d0952b725cf94179dff8ec0d0e3155e6e2d1e76c94d9
442a9f55692897f765956e49e9ccc2fdd6768683a39913132adc0ea341bf21de
46a1c2794fd2deb9498df422d9d7ae39f83608fe893437cbe9e870dcab3c772e
471b87d73a4fea9f39089fd6aa61950eb731a974865c26d32eef98b078705f34
4840511cdcf8c894618035291b786c078e11685f171c40da36a38b4423bbfc5c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49004e81f0765e86f8da10b60d1906b95ed993b4d146e84b65403be41d5ae0f2
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578784b1fe304d8b5f1c9fa9c001ce58713cf45bef6549ae4bbdc8d891108789
594d5c220d9e2475ddc3951963c913ef59cf0d9ad19acd21a1089a71470ad361
594eb6310d95df9a0b7d3f647a1a9ba96aff08290fabe13caae3df26eff79056
5a0e4c1782e28b90ed9ada766b66b4675f254f697eca83af0b822e662134b1e4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb95de092a94fd8232d506d7ff2c0067f3322be094eb5df210769e9dcae2400
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61caf66449ca54ddc6675872cc9ba130904ac594eab1c74d3472d64517859631
63d81e21b2109302b470c130312fe4df7ffa296d563339086968dff1e19c8820
644bd33d6e377a922ccefb30a36ed9ee7a0cd81bf45db43cb72a754381a0c202
64d68302274df4ea5a606ea23e107ca5332db9d32f4fe162a31f778d1d7ae5e2
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
65101be0d43cbe46feed3d67f0c90cbc7ee863857b130ee0736214f2cb634149
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ffbff8923cb1b008132defc1f6753a51fad9ec17f993b177e49e94c9faa1be
67bf35f027201f92f89855e801ea5a5a7d1d0c496a02c043db4d9f02a31def90
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7173f35bb19c4456fd8eda5e5ad4df4e0c19b8b8bd873c907f7cbf756b144cc5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73ead178bc372f2965ffcf3b8b0268e44b7869cdcc386d29e4182a1b8356c369
744039112a3a32e0e6cbba111b5e05fce338f0516703001ae51702ba63c8852a
756fc7dbf6e4ba97c61ad14913289b7cda96f360cd385aad2e82f8311d708233
77399296691c176b2662c8f2d586947fdf80650b221750e0bbb7200fd5ae9f1b
77b0873d00bb3289e4c879cdff1ec2bbc00d78b74c1f471542f7fd83835523b7
791349cd8a337e17caddff1bec07bea42df705ae55139fe376d445fb3b4719ef
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a1dd1bee7fb2e7ed17e9d3fe95f0cd31207577ab981ff4ebc6ebfb2d88f7c4c
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7e402b1dd181178b6adc34088ffc64b62538a199d9036ac64242d4c06bc45078
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7
81fc610f088b996f153274fe809d35de21dac62c003e811ba219a309a5789b06
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
890b72ca968db304ff4e5a6ee3314d8a075bb8681dc14f2b6f92232646358064
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90f5f78a5e823ba916ea18c3e24ae1342046946757ce74aa7ff77e45810298cb
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
955c4fc386809574331c34dcdaf67e63bca3c88804e4228fb4e5a750ff2ea254
9806d62bf84b7ccba77438e9f90e04f7f506a74756b7d0f191ece8f8fd890d96
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f85b446cf7c5640aa90f2663bf232af45a2d4ebd65fcf60a3105f400ea8bdac
9f89e0b3ce8f1d125cc6d50f1225c9fbd6afd106ebcc0aa08994e453bdbfdd67
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1d623ed9cef6e07eb820b3e52ad4c9c37b2446284d40913a0d8cb5bf4b4d90b
a1f435fcfffeaf64e9f04f12caf07a407855ef00c105454714b7d7496224cb87
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e73b1ac7e751096c41463a2cc193711a0dc83ebc4e31c323b9ce5c0cad6add
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8614e456fe677211a9efded986043d4a45a891f9e50dc405e3499b9534ebe73
a896949b879ec4b203ca192d39ea0750e5643eb26c24026b3978409fc9c10fe9
a9d6baab9178d7fbea56932b81a5420d4f2af1934b4b68c308c36a23b01187ff
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ab858d5f52179c3d25e2ce980e761e296fe37e76ae34c1471682e762f73b677c
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
afff8b457f58eff10d6c36cc20fa2b30479d1ac83c1ccc32f4d83b44b2ba922e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b165b9bf964ace149f7ab7968ca7448a65c778edb34837cc5c6dcf89dba49953
b1b55c963a99c89a6f93b7ff76ea63445e9c1c8b02e5ce70450af0d2df7fac66
b2675f2bc3393449a44784c7815f9c36449024e4397d7f174812c42c6bbaa148
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b3706602f68402fd327823936f61a6bd4df4ea7205f918138d2bc814b73be319
b44b2ba17533f2e7a05bcce1f4644f24aad90223ab3d443d7db8179259f78a81
b4e9bb364cfe712a37907bbb9c3c7ebecf4ab20319b7f7dfbf562df557b37ddc
b7279f55b3278b1e7ff63f25c11c603b28c14e2d34598f592106e8a6baa8268e
b92d52194bd690820a21d7484a48aeaa4fd8972e466e484d62c8a71228a3027e
b9ecb189086b8ddaf9322307cbe2dac167d857320c67618a5332164e11cd2e3d
bd3ea71142da2f789c88adb1241f941633506f4139287c7e7a67b651d024f8c4
bddb4c94502bffb5fbebdfb898f35d72e2811b022a563700555be90bd81f45aa
bfb4e4d1cf119f001e2edf101f7798d46ec14c21199befd0a8e744a9d379efba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ff63f739cbf706608bc4e5445db4f91b4cad9cb7eba820904708add8e50da9
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c4918e6af5917966e527eee504092a007b9349ba77534848c429d398920879a1
c4e4bb8fadc43078cdaa7cf5724af61540fddfeffe414b4ab817655f532e2cea
c5d9066eb64fdf1c66b1624e0c5998bd844b42d93d93b241f2f7b0dad33ed856
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cc4c6d8d147745b8e438b7e5e6b6a1dac8cc3cf2d253cf9c3bba8f0d9b1803e3
cd1c6bf12b0e800b1b90367f23f8d99b2885f2bef40754f8bbd5901f95db3fb1
cd9d59ff4c8e5811cb254f6eb3e933389b4b19b15a7e5b82ab60f449ecc75c52
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
cdf6cd3f1258b9e04e1353ff72ec4d9a4a868f1ab445b655288e3632137b4e0d
cebb1c8b29feaaaeaeb983ccad9be8715180f2f571948c7aee4561300d0377eb
d0cec485779e5b9f4ec30fcda65110d1d8f17b7ec89fc0b227d4736b821da4a0
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2d07aac18bd7e8a933058bc7ba424813cf1c8d40880ec10bcafd14756f8d6ef
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca
d4329aa3e538e1b94cbf5bae1e9fc5b922a9b43586a0fe0c14f6d68658c6651e
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d5fb2f28253ac793314415bc1e1c28e77b08ba8a2e8a931db30e8ee36b142adc
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8c4ecd2be4d4c46d5d4e8766c0f6a8046e6f204d75294cfd6221b108354636e
dba6cd6ea8cd4b220a20275c440ac8b66e7f96c21bf5b220d7805524bc5da486
dc14bcdb558e2e685e0680e09f65b7a34bbb50fc5138c5bfe86693c28a17e689
dcbd132de9d028ea6d2a1d56ddf9cfdbba87004d7079b2f9c0fb8f80a013bc34
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
ddafcb62dd9406b687b84fe105a65220cfd60685bcf93cbcd092071368b4dde1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9967e26296ab6659acbbecd377f7933cd3743d50935a5c44c800f90b9c6687
e106d3fee8c243393629708e1eaeceacc83c17c6568c83f9d835bb87d29c5c7c
e1620c55bd052c72e444db91a21c6dd034093ffa111c5a87922788ece23d6381
e29b0a4b84bab466325d53d6849b8071d00d0c3d60d974da6c42a2fb89baca2d
e39ebeed389b75eb6316b5731647ff3c82fed6eeb4d59458f3b42e750f70bb49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d14740832c0e9785844163d4892e8ea2870c8a72d0bb089aa197013e506899
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e99d7592455b586a0fffa37db2a3fb1ddf5f348faaa9a1821932ed8208dbaea4
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecfec46a1913a0c10459372495d8792fb03bea380ee1da0d413dd024109b24ad
edb6f26c88f87c9c3b52f98a5c0374c67ce02bc88e699481929fcdf7552953b8
eebc158e3282d6488ed2a6c59a2a97aaa3b3160fb2851f8700a741bc5175bef6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f06c9414f4954c9c5465d0b3969092a6d555df253f96a2bb943ecc7c6d6d65dc
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f19832ec7013ef8e12311af7dec902f65f4346586c79c61fb7277a5a56173f18
f1be99290ad42ed29430bdb7d2cac4866a648070f3dd626603d07d66b44fc60a
f31b667b70b2753bcbffa65bfbbd0120ce3d37cace0bb6b26fb41e91508064e2
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f607aa255ceb5e2a529c17b36ec88818b052faa2792019c8af14f90f369c344b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f77932c1ed84c66e07cf14f8ed43a283d3499660202b34ebf58015284e581359
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fc1981831ba76df8cb616fa4e7dfe2fadf9e2fde70c109529029fcc9dbfc277d
fcd54e061a53b96064361f0e18ec2ab46bd324f8049ec06672bbfff32d229fc3
fcd95598079fafe7cabbf03be7ee55aba54a9abf83ac0e43967e1e4446372491