www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Submission: On August 11 via manual (August 11th 2022, 12:25:34 pm UTC) from AE — Scanned from DE

Summary HTTP 437 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 72 IPs in 10 countries across 50 domains to perform 437 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 209138.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2022. Valid for: a year.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
21	67.27.158.124 67.27.158.124	3356 (LEVEL3) (LEVEL3)
26	67.27.233.252 67.27.233.252	3356 (LEVEL3) (LEVEL3)
45	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
20	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	174.129.142.216 174.129.142.216	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6805	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:205... 2600:9000:2057:4400:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:e600:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	44.224.187.254 44.224.187.254	16509 (AMAZON-02) (AMAZON-02)
14	2a02:26f0:350... 2a02:26f0:3500:595::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	54.146.17.63 54.146.17.63	14618 (AMAZON-AES) (AMAZON-AES)
7 10	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 13	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2 4	52.32.39.185 52.32.39.185	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:e600:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	3.224.43.174 3.224.43.174	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6843	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
7	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
4	3.65.16.214 3.65.16.214	16509 (AMAZON-02) (AMAZON-02)
1	3.121.203.249 3.121.203.249	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
4	2600:9000:214... 2600:9000:214f:2600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2600:1f18:1ac... 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	100.25.172.242 100.25.172.242	14618 (AMAZON-AES) (AMAZON-AES)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	132.226.63.138 132.226.63.138	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2a05:d018:d29... 2a05:d018:d29:3601:2eab:9250:340e:ef2b	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	54.93.60.116 54.93.60.116	16509 (AMAZON-02) (AMAZON-02)
437	72

2 184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 67.27.158.124 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 67.27.233.252 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.gk.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.129.142.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-142-216.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6805 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2057:4400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:e600:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.224.187.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-187-254.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.146.17.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-17-63.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.32.39.185 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-39-185.us-west-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:e600:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.43.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-43-174.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6843 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.selectmedia.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.65.16.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.203.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-203-249.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:2600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 100.25.172.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-172-242.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.63.138 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (Beverwijk, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:ad6c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p4dt2-ha1hf.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:2eab:9250:340e:ef2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.60.116 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-60-116.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
47	123g.us c.123g.us — Cisco Umbrella Rank: 307612 i.123g.us — Cisco Umbrella Rank: 203583	984 KB
46	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	405 KB
31	aniview.com player.aniview.com — Cisco Umbrella Rank: 1567 track1.aniview.com — Cisco Umbrella Rank: 1647 go1.aniview.com — Cisco Umbrella Rank: 4734 play.aniview.com — Cisco Umbrella Rank: 15151 sync.aniview.com — Cisco Umbrella Rank: 2403	518 KB
26	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 801 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	189 KB
22	123greetings.com www.123greetings.com — Cisco Umbrella Rank: 209138 s.gk.123greetings.com — Cisco Umbrella Rank: 432050	65 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	642 KB
19	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 21328 static.avantisvideo.com — Cisco Umbrella Rank: 21877 events1.avantisvideo.com — Cisco Umbrella Rank: 20158 cdn1.avantisvideo.com — Cisco Umbrella Rank: 25331 avm.avantisvideo.com — Cisco Umbrella Rank: 22033	132 KB
14	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453 htlb.casalemedia.com — Cisco Umbrella Rank: 560	14 KB
11	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 secure.adnxs.com — Cisco Umbrella Rank: 462 acdn.adnxs.com — Cisco Umbrella Rank: 584	43 KB
11	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	3 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	459 KB
10	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910 ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 web.ssp.yahoo.com — Cisco Umbrella Rank: 1786 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	2 KB
7	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1092 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 707	12 KB
6	adform.net adx.adform.net — Cisco Umbrella Rank: 3659	1 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 288	47 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	734 B
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 592 cdn.indexww.com — Cisco Umbrella Rank: 1470	4 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921	688 B
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	546 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	gstatic.com www.gstatic.com	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 ajax.googleapis.com — Cisco Umbrella Rank: 267	33 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	871 B
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2742 www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 1966	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	151 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 784	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	644 B
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 929	823 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 652 eb2.3lift.com — Cisco Umbrella Rank: 411	650 B
2	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 430 sync.search.spotxchange.com — Cisco Umbrella Rank: 516	2 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 496 image6.pubmatic.com — Cisco Umbrella Rank: 636	6 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1407	125 KB
2	selectmedia.asia tg1.selectmedia.asia — Cisco Umbrella Rank: 24906 play.selectmedia.asia — Cisco Umbrella Rank: 25680	7 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 100	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	87 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 791	425 B
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2633	50 KB
1	tremorhub.com p4dt2-ha1hf.ads.tremorhub.com — Cisco Umbrella Rank: 102020	1 KB
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 550	243 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1111	389 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1359	637 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 736	380 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 484	683 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1387	307 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	265 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1778	401 B
437	50

	Domain	Requested by
54	tpc.googlesyndication.com	googleads.g.doubleclick.net www.123greetings.com pagead2.googlesyndication.com tpc.googlesyndication.com 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com cdn.ampproject.org s0.2mdn.net
45	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com securepubads.g.doubleclick.net 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
26	i.123g.us	www.123greetings.com
21	s0.2mdn.net	www.123greetings.com s0.2mdn.net 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com code.createjs.com
21	c.123g.us	www.123greetings.com c.123g.us
20	s.gk.123greetings.com	c.123g.us s.gk.123greetings.com
18	dt.adsafeprotected.com	259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com www.123greetings.com googleads.g.doubleclick.net
13	player.aniview.com	tg1.selectmedia.asia player.aniview.com cdn.avantisvideo.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
11	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
11	track1.aniview.com	www.123greetings.com player.aniview.com
11	www.googletagservices.com	c.123g.us googleads.g.doubleclick.net securepubads.g.doubleclick.net 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	ib.adnxs.com	2 redirects googleads.g.doubleclick.net player.aniview.com acdn.adnxs.com
7	events1.avantisvideo.com	www.123greetings.com
7	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
6	c2shb.pubgw.yahoo.com	player.aniview.com
6	adx.adform.net	player.aniview.com
6	googleads4.g.doubleclick.net	www.123greetings.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	sync.aniview.com	player.aniview.com
4	static.adsafeprotected.com	259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
4	onetag-sys.com	player.aniview.com
4	prebid-server.rubiconproject.com	player.aniview.com
4	c.amazon-adsystem.com	player.aniview.com c.amazon-adsystem.com
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	fw.adsafeprotected.com	2 redirects www.123greetings.com
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	trkn.us	1 redirects www.123greetings.com
3	www.googletagmanager.com	www.123greetings.com play.selectmedia.asia
2	pm.w55c.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	csync.loopme.me	2 redirects
2	ups.analytics.yahoo.com	player.aniview.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	cdn.indexww.com	ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com
2	js-sec.indexww.com	player.aniview.com
2	go1.aniview.com	player.aniview.com
2	code.createjs.com	s0.2mdn.net
2	cdn1.avantisvideo.com	cdn.avantisvideo.com
2	static.avantisvideo.com	cdn.avantisvideo.com
2	www.facebook.com	1 redirects connect.facebook.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.123greetings.com connect.facebook.net
2	www.123greetings.com	player.aniview.com
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	acdn.adnxs.com	player.aniview.com
1	acdn.adnxs-simple.com	player.aniview.com
1	p4dt2-ha1hf.ads.tremorhub.com	player.aniview.com
1	htlb.casalemedia.com	player.aniview.com
1	web.ssp.yahoo.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	sync.technoratimedia.com	1 redirects
1	ap.lijit.com	player.aniview.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	play.aniview.com	cdn.avantisvideo.com
1	eb2.3lift.com	player.aniview.com
1	sync.search.spotxchange.com
1	ums.acuityplatform.com	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	sync.adotmob.com	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	web.hb.ad.cpe.dotomi.com	player.aniview.com
1	tlx.3lift.com	player.aniview.com
1	search.spotxchange.com	player.aniview.com
1	image6.pubmatic.com	ads.pubmatic.com
1	play.selectmedia.asia	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	ajax.googleapis.com	s0.2mdn.net
1	tg1.selectmedia.asia	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
437	86

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
itunes.apple.com
play.google.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2022-03-01` - `2023-04-02`	a year	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2021-08-11` - `2022-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
gk.123greetings.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-20` - `2022-08-18`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2022-01-19` - `2023-02-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
wl.aniview.com R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2022-05-02` - `2023-05-09`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 64 frames:

Primary Page: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Frame ID: CEDA55D45018D80F8419C00769A945B7
Requests: 145 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html
Frame ID: E2E5CCB7F3A3B76FDB7C58EF09AEEF42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1660217522&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220723078&bpp=4&bdt=411&idt=151&shv=r20220809&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2322548928101&frm=20&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220723&ga_hid=1872348996&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505&oid=2&pvsid=3363491782769356&tmod=1371378990&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Frame ID: 5EF0E1AE2B5CC3672F3D6D2F8288FF44
Requests: 1 HTTP requests in this frame

Frame: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9E05EE963D194DF3F1E2B9D0A65F719
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300
Frame ID: 0486DF1B58C89A80AD5A9EA8A4463FCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 840B93CD04AF8F85B5BB91241960AD2B
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E71F1914CF120CEC8478387AACF21A37
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2930f85cf086fc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff9032e76c3c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
Frame ID: 4E9D01AF49B1295A9F2C5BB65ED5A53E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Frame ID: E7E55EEEE2C1BB5C9FAC37620003C61E
Requests: 1 HTTP requests in this frame

Frame: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE4F8698B88EFC30A5BD1554F9CA84D4
Requests: 25 HTTP requests in this frame

Frame: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 59503C6025F0D07302FAE3CA23C91E1C
Requests: 25 HTTP requests in this frame

Frame: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1AFD59562E725046F2725A985C54204
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyyTklF6kKs-DA-_1Z2ZD2ch8dNiPVSZ1eAG6o0o27Whp-UGoh2Zvnpkf3B0ls1ACqrN3JIV4kqRgSQc4D932lPrkMazdC3Kx4vS9ppqrtrz4Hw58Z1YTwelS2_eFWSYi7UWFcixTry2hpGzAbo7MrtCuuYNtPdGO_5ZkhQkMd9jIqavhi3iTxAYhaIGiiOy2gwPSaB5AOc7P4Vh9RZj-LUueii3esEJ29TymxPU7ily8cjVC_kxgrQ8H_ibCS-icJ4nLGWWgxS6JCLHZC-4SjQfKnISxni3_5Uuy45dSWb64vC_eyWofVsfBsySgLFUU2vllLpjyUyQe3CAuC9Nw1c6Bp5Lk4U7XMeA&sai=AMfl-YTzCmaKCHReZHPAYQCxIxyTn2y4jM61neiKQxpm2grYJX6pWM6NtkInUHv8YK2at3QNDHaVfz3H0touadlstyHwjXW1QVEwmtfgLSxcE9W2&sig=Cg0ArKJSzI0jQUsubETFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8D816475B8284A191821C71CAE9C1AD0
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 4ABEAC69B531D9599926F752255F9A59
Requests: 14 HTTP requests in this frame

Frame: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E680AB278CAB9B1ACC97B2D320E061E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvos-1I5Nq3AOo4pSQ9FVPIYlDzpyEm4q7cJt9z8JnmbbLyQVvsgfyWzvl78SfTksm-FIKmEWZo7Sr8oCf_ah0f2-96gD0V3358Yrv24os00s6L-gdCXNeCIXLgyew6BRbEblgUST1F_e4afy0KzZS3nRw3aOdGCZ8QTQyxkVaOzaKczdcQbQVObBkilXM88vgy1eV9G5rOdkGscpFQICtOeVmM8_8GFWy_A1K5acrJe9USupb7StOBnbjInwGnqcQ9ZM4Alxh4iu_0uEwSIFXp82TvUCo1HhtgYVvwoJsqbKIl4pXfZdeZ-n4Ob4FxUtBVxZQQj3HSjlvE86n3xql59S5Su6YdBuw&sai=AMfl-YSvcKXl2CctLQixzLtRGxrmC7iVXEbJGfCFoNfuB25zQlMff5AfpPqqjrr9mTMjAKkQqrYQpuaBDREoRo5h1dPjuAPGqIY5Dm8AixdFAZVz&sig=Cg0ArKJSzJxNpB0RsZ1ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B683D3815D1BCF018310DD7CA88A87E4
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxC15uXg8ZVLywNIngCnNE2zFE_NiaG5ZDUMfwBjpRR9G_FPUjpgknkIAWusJ3FWXqXoYmW6IEWC884hkn6QflScNlENrOx_FLz2wM168xH3DY554ESd-PmHNk_eYZvfbD5la_688c7jrv0WFozKetYRIxsDjbbUNBZ3wxC1yysLLxILDu589pjEG8KAmfe2jn1vzb1C37GtwJ6K0mtXY-0w-CWFKSBJjPmjPnq6GibWvEqdWienFXfLgqOYQbd6AsPs_YbiljEs68xqyQo--1HXFOZwVrBFb6B0UrDwLUD4WiF-5rUXIBntS5yOs_HB0VQIl_H-hQstQX_7YAC3rgBIWEfJxvdjw&sai=AMfl-YSD_wDUCWhn1QlfSEBrRCTK9SZqcJPIjlgKSb2DUc22GPCj74l39i1gly40RRh-qAqZyDxcmoJVszNrlUWLvMuYVxF9vKuFaYBStBM_LmuH&sig=Cg0ArKJSzG-MqD7BlZgXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CE07F5AEFD5AA35A1872D6C9CF8E98B9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1AFiFd7VilpywLaGzs5iNgueudg3KJtbwc-tN0OqoUAuHAF3RSl7Uuik6Hmm9t1OouIUIgDwYqAPohKUT9rgmrSWrnz2kZ1-IVa4b3Z8wp0z6xCR2B_j8qPuNV001-huvfCvSCn1cVecAB9k_UO0BT_ra7ic5Wwrh1vBpVLZxLswrv5FDmmn_o39_EWsEKwqhpvN4Vo9uQCJEF_n0LXevYaxfl338WpOnGl0vNQb6VzYMuWmflQ3k7dMwhDEQq5GHY3yYVwkLQGUpdl1-ynm3ee2zF4zBtdoOE2OkoNWcu8jPntphp2UV31jvjlz-qU1tAsZW35RrRM_kN39Vx2jobNenfKKfhvRFlGT9uHAkB5Y&sai=AMfl-YRPDBPIHJGwiC4azfYKqQ9mYR-sPEnD6-rT7ZPNc5lJgp4kU30wKhLMmbERSkuaCdgyYnJ5iA3FC2OiVO4NhxFJ_eRBmLk_A5wDb4dJZX1S&sig=Cg0ArKJSzNhaQSaeniq_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 23609207E7846A6EF5F95F448D6B4504
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0EFCD41D429CB3A28E5F4BAB90A373D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 851A9D92925314605A9A064675A13B61
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3A9QEQn_-GAhiY5_KeATAB&v=APEucNXZP9R2yxWs0KHd-YNZxRfb8hQynNbEKsoGDOvb8hgo2j8R3SHEmxoR8-4jO_5dRa_g5kGPJ4svyEqNUAdq5ZdYovhl-xeszyXFksVFJ766GD5P0iwPyZOGzmGhH9HCYA22SowefDQySlXKgwBfpaz7IUNXCgrBsB181s37oJ5tGb_IT-0
Frame ID: 35D4379039A3A977D817BBBAA48BCBEB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html
Frame ID: 27A5E5FF7387AEC61C61C2891DFDFEC0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34
Frame ID: E2B2EDFBE50C2F90971921F56568ED3D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4
Frame ID: 694D269118FF3D60A4CE5AAFAADB59C3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265
Frame ID: BFBD401FEAE0720CD0632B47D713861A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724403&bpp=13&bdt=102&idt=338&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=1&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1137098266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=195404085&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068911%2C44766069&oid=2&pvsid=3056241058495095&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ndglbs9yc5cp&btvi=1&fsb=1&dtd=353
Frame ID: B3D919DEB906518C8D7D5AFD49FE00E9
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: B9A907036E861DDD7315A6BE1B97B191
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86B260EA3FF72309D23C3C76618C8CDD
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Frame ID: 5A0D002464C9EBB1E5174533C9A0CDC8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
Frame ID: CA956830129F597D24A929566D5FD335
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
Frame ID: 23FF020511734C5BC5F1B48407CBE286
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
Frame ID: 8C65439C8074F47550103354B1060D3F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html
Frame ID: DD017647F4A82F5D0C80FC9BB271FF3D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 946156EF974E7B0792B8C34C04E7E02C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 859138C19099B6C1211F0A101D135CA7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50DF173F408A458C09E798A250C8E336
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC423E33FA7D352243C2946CD7FE926E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6BBF0B2BC618D1E5821483913D158586
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 258F765AF11C85D6D769F58C29EA4280
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 2D0022E623F07691E0B53E3FF179F2D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Frame ID: 9FC4F527DF0C38D99B24B7026DA8850A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D1%26key%3D
Frame ID: 80AAC24FB1113CEB15EEB23A8881688B
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 03813673C862488D1D8E36586A669882
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: CF68405200D7B1F8B9E259460891F23B
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6264CF478E563EEFFE960D567A6C193A
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A6151C39A5DA71D9636376ABC78E42AC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A96B6A2EC4958BE9F55795056E3AF232
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF7EDF6EC90548D13C1AABC433A688D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEF02AF317359B5D64BC54C879950A82
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660220726558
Frame ID: 77005E1E013ACCF85582644BEE41D8C4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3C81E6D3768A9F904431C4FE3A40715B
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CC1CF5B790A828B53EB172EA944A94CE
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 852C59A352FBA04FB0FC7DD45B9ACF16
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=55&key=8309373056538263495
Frame ID: 30C23EE332B636160159AF68A45B3AE2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D18%26key%3D%24UID
Frame ID: 10E0D9BA924873E069737ADA82A1BF8D
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 09B499E3B7EC3BA46A58A0AB63392A3E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=3&key=GDPR
Frame ID: A65E0F65FC068C64BFF202C297F5AD23
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=200&key=OPTOUT
Frame ID: 72D30F950204EECF313EC77D31333456
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=56&pid=59c9148628a0612da3689288&key=1c923b83-5e38-4930-baf0-9c0eea54ca8c
Frame ID: 3624EFBF4BEC649425E55A320D42293F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Frame ID: BBDD5B8C364CF788A9B5537A98ACFF5F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 733ED7CC5054AA6F589AD4CEE56491C7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660220727613
Frame ID: A5B166966BCFECFC1DA41C669E6B178C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E7430DD0434BA6DD8D306689CECAF4B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7E7BA3843032B2878CD013B55D3E72C2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Happy Raksha Bandhan Cards, Free Happy Raksha Bandhan Wishes | 123 Greetings

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

437
Requests

95 %
HTTPS

43 %
IPv6

50
Domains

86
Subdomains

72
IPs

10
Countries

5479 kB
Transfer

13628 kB
Size

40
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/123greetings/id718873921?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.g123

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&dvis=visible&ip=178.162.209.132&cuidchk=1

Request Chain 94

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2930f85cf086fc%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff9032e76c3c6b4%26relation%3Dparent.parent&container_width=320&height=287&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F123GreetingsCom&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=320 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2930f85cf086fc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff9032e76c3c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvT1NGN4jufFrRNzBtztGQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI56rVlo93pRt5yLLB3axxI&google_cver=1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwOTM3MzA1NjUzODI2MzQ5NQ%3D%3D

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1

Request Chain 227

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 300

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 346

https://fw.adsafeprotected.com/rfw/st/1058643/63502831/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b31bde78-a40b-539b-97a1-611958f46d94,c:kZ6lDs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d59c95bbd-cm5gg,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:35,oid:ad4bc91f-1970-11ed-93a5-326ff6cbcfab,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=

Request Chain 348

https://fw.adsafeprotected.com/rfw/st/1058643/63502831/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:11e54c48-2ea9-8ecc-d68a-25d224bbf6d4,c:kZ6lEm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d59c95bbd-w5drz,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tecIYq3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:28,oid:ad4bf0f2-1970-11ed-98db-a65bf47edd50,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=

Request Chain 358

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&dcc=t

Request Chain 362

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 363

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=890762f4-f536-4b00-ad5e-9c34cb54595c&gdpr=1&gdpr_consent=

Request Chain 365

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=685542860499

Request Chain 399

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D55%26key%3D%24UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=55&key=8309373056538263495

Request Chain 402

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1660220725678-940947081206-007145-012-005154&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D3%26key%3D%5BUSER_ID%5D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=3&key=GDPR

Request Chain 403

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=200&key=OPTOUT

Request Chain 404

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=56&pid=59c9148628a0612da3689288&key=1c923b83-5e38-4930-baf0-9c0eea54ca8c

Request Chain 436

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6956394433612229920

Request Chain 437

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvT1OAAFot7OzQAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvT1OAAFot7OzQAK&gdpr=1&_test=YvT1OAAFot7OzQAK

Request Chain 439

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0Z7UEXkY1Om7fG5&gdpr=1

Request Chain 441

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1c923b83-5e38-4930-baf0-9c0eea54ca8c&us_privacy=null&gdpr_consent=null&gdpr=1

437 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.123greetings.com/events/rakshabandhan/happy/ 35 KB
9 KB 397ms
98ms Document
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache /

Resource Hash

d814335ed2a25a6599873908552985ce68a02eb8f1b1f3184007f4f4308c42a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 651
Cache-Control: max-age=900
Connection: close
Content-Encoding: gzip
Content-Length: 8545
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 12:14:31 GMT
ETag: "8c35-5e5f583a61080"
Expires: Thu, 11 Aug 2022 12:29:31 GMT
Last-Modified: Thu, 11 Aug 2022 11:32:02 GMT
Server: Apache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK sub_categories_R1.css
c.123g.us/css/ 9 KB
9 KB 76ms
9ms Stylesheet
text/css 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/sub_categories_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 23:03:56 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1257686
ETag: "805d1-225f-5e17a2e623100"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8799
jake_test: Test_Pass

GET
H/1.1 200
OK chk_script.js Show response
c.123g.us/js2/ 3 KB
1 KB 75ms
8ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/chk_script.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 09:44:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 09:43:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1219271
ETag: "2c045-c3f-5e4da5c97a9c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1062
jake_test: Test_Pass

GET
H/1.1 200
OK 118881_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 100ms
12ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/118881_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: baa1a462819193c9dd6352e63c5a8b4eec8228bb4d663b4c4f6bad0335033787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 12:33:35 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1468307
ETag: "1eb1-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7857
jake_test: Test_Pass
Expires: Mon, 08 Aug 2022 09:40:16 GMT

GET
H/1.1 200
OK 104572_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 7 KB
7 KB 96ms
8ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/104572_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 53e8db73a690697741c35fe6f4d08f03be4a278cb7ba3507b54832c77a520197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:42:26 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1284176
ETag: "1bf5-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7157
jake_test: Test_Pass
Expires: Wed, 27 Jul 2022 15:57:27 GMT

GET
H/1.1 200
OK 112160_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 7 KB
7 KB 137ms
40ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/112160_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec9beb6364157b9165009bd4f6f4a9b2575ffbd4809fc07502da04f361978217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 01:01:47 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 732215
ETag: "1b8b-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7051
jake_test: Test_Pass
Expires: Fri, 05 Aug 2022 08:35:29 GMT

GET
H/1.1 200
OK 343989_th.jpg
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 119ms
20ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/343989_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a16c7316d996e441e7c4928e613dced78e058484a9f016c6d479a6352aee8440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 05:47:02 GMT
Last-Modified: Thu, 30 Jul 2020 12:54:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2529500
ETag: "1f4e-5aba82c618fc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8014
jake_test: Test_Pass
Expires: Wed, 13 Jul 2022 06:02:02 GMT

GET
H/1.1 200
OK 120569_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 101ms
9ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/120569_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 49923770dbf6a444bd9c607852646ccfb3b420c0f1cf5d1a8f27d165d33850e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 02 Aug 2022 13:32:25 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 773577
ETag: "1fd0-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8144
jake_test: Test_Pass
Expires: Tue, 02 Aug 2022 14:42:54 GMT

GET
H/1.1 200
OK 105824_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 7 KB
7 KB 173ms
70ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/105824_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5d234e3bed43c6a189cabf165344e8d3c4eb607a65424a931aaf567f83bb1189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 09:25:32 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2343590
ETag: "1a38-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6712
jake_test: Test_Pass
Expires: Mon, 18 Jul 2022 16:27:53 GMT

GET
H/1.1 200
OK 104588_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 36ms
8ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/104588_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: dcdc2fa645fd76c7610f7a858be674df1628c04b1a5125826b91cc52c29784dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 08:57:10 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Footprint Distributor V6.1.1162
Age: 12492
ETag: "1fea-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8170
jake_test: Test_Pass
Expires: Thu, 11 Aug 2022 09:12:10 GMT

GET
H/1.1 200
OK 111411_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 35ms
8ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/111411_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 43f38d925b0518dd4f46592b14ce21fc0c3beb43d7f61e25d03e93d3a585a281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 09:12:09 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 702793
ETag: "1f65-4f323b6e97240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8037
jake_test: Test_Pass
Expires: Sun, 07 Aug 2022 05:21:40 GMT

GET
H/1.1 200
OK 340097_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 38ms
10ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/340097_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f409cd95c3213ea86a74eff3a0e67e39df7313e181b289af7697c59a8df688a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 14:51:54 GMT
Last-Modified: Mon, 12 Aug 2019 12:28:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2064808
ETag: "1f53-58feaaa2194c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8019
jake_test: Test_Pass
Expires: Mon, 18 Jul 2022 15:21:18 GMT

GET
H/1.1 200
OK 325122_th.gif
i.123g.us/c/eaug_rakshabandhan_happy/th/ 8 KB
8 KB 51ms
14ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/th/325122_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9bf093a27a9dfde94d55e1559d8da31f2105746192aa9aa0ec1e7a2681365627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 05:41:13 GMT
Last-Modified: Tue, 16 Aug 2016 13:57:10 GMT
Server: Apache/2.2.15 (CentOS)
Age: 542649
ETag: "1ef5-53a30b995d980"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7925
jake_test: Test_Pass
Expires: Fri, 05 Aug 2022 05:56:13 GMT

GET
H/1.1 200
OK cal_block2.gif
i.123g.us/images/special_block/ 24 KB
24 KB 31ms
10ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/images/special_block/cal_block2.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 07:15:14 GMT
Last-Modified: Mon, 08 Aug 2022 07:13:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 277808
ETag: "5fd2-5e5b58d1ecac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24530
jake_test: Test_Pass
Expires: Mon, 08 Aug 2022 07:31:35 GMT

GET
H/1.1 200
OK 103264_ic.gif
i.123g.us/c/eaug_romanceday/ic/ 4 KB
4 KB 20ms
15ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_romanceday/ic/103264_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c01cd8d495137487e3e8379abcdf86c956b98d8a13b4124d0c28085cb61d6c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 22:07:31 GMT
Last-Modified: Mon, 24 Feb 2014 09:48:26 GMT
Server: Apache/2.2.15 (CentOS)
Age: 51471
ETag: "fdb-4f323df80ae80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4059
jake_test: Test_Pass
Expires: Wed, 10 Aug 2022 22:22:31 GMT

GET
H/1.1 200
OK 325699_ic.jpg
i.123g.us/c/birth_happybirthday/ic/ 4 KB
4 KB 18ms
11ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_happybirthday/ic/325699_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8c1f875cbee36d6519e995aa22d1b840cebef72b0f0e307da61385918b780a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 05:21:15 GMT
Last-Modified: Thu, 29 Sep 2016 13:18:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2358247
ETag: "e31-53da54f118640"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3633
jake_test: Test_Pass
Expires: Sat, 16 Jul 2022 05:53:24 GMT

GET
H/1.1 200
OK 104582_ic.gif
i.123g.us/c/eaug_rakshabandhan_happy/ic/ 4 KB
4 KB 109ms
85ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_happy/ic/104582_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 27236de3489dacea5703d5815368d5dd11ea9c958789198d9f82a3f03e93aeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 00:32:55 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1079547
ETag: "e99-4f323b6caedc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3737
jake_test: Test_Pass
Expires: Thu, 04 Aug 2022 02:14:50 GMT

GET
H/1.1 200
OK 101777_ic.gif
i.123g.us/c/birth_fun/ic/ 3 KB
3 KB 84ms
47ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_fun/ic/101777_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eec579a532c67828ecb5a30ef57c1fcf4636d166171a63494fb21f54dd1796f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 08:04:51 GMT
Last-Modified: Tue, 21 Oct 2014 10:51:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 534031
ETag: "b12-505ec9b54cd00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2834
jake_test: Test_Pass
Expires: Fri, 05 Aug 2022 08:19:51 GMT

GET
H/1.1 200
OK 342903_ic.gif
i.123g.us/c/birth_wishes/ic/ 3 KB
3 KB 110ms
33ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_wishes/ic/342903_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b44b2ba17533f2e7a05bcce1f4644f24aad90223ab3d443d7db8179259f78a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 16:19:28 GMT
Last-Modified: Sat, 04 Apr 2020 04:34:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1713954
ETag: "afe-5a26f8c643400"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2814
jake_test: Test_Pass
Expires: Sun, 24 Jul 2022 13:16:34 GMT

GET
H/1.1 200
OK 116860_ic.gif
i.123g.us/c/anniv_wedanniv_couple/ic/ 4 KB
4 KB 95ms
29ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/anniv_wedanniv_couple/ic/116860_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 45ef428da6c398a1ad20d0dd43f98e0e3f1cf45fd871263af1eaf4951a85131d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 11:34:04 GMT
Last-Modified: Mon, 24 Feb 2014 08:12:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1212678
ETag: "e1e-4f32286b09640"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3614
jake_test: Test_Pass
Expires: Thu, 28 Jul 2022 11:49:05 GMT

GET
H/1.1 200
OK 339958_ic.gif
i.123g.us/c/eaug_hugmonth/ic/ 4 KB
4 KB 84ms
13ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_hugmonth/ic/339958_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3ba2c48a90ae2f9ca648961a99f72be28b559eddb7ed6a7250431af234a4bde9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 06 Aug 2022 02:59:59 GMT
Last-Modified: Sat, 27 Jul 2019 09:11:39 GMT
Server: Apache/2.2.15 (CentOS)
Age: 465923
ETag: "ef4-58ea60be7a8c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3828
jake_test: Test_Pass
Expires: Sat, 06 Aug 2022 04:45:03 GMT

GET
H/1.1 200
OK 338709_ic.jpg
i.123g.us/c/love_iloveyou_general/ic/ 3 KB
3 KB 45ms
14ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/love_iloveyou_general/ic/338709_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4123a16cd6aa4c2271c9b4f3e4371842e49bfa122369114498802a559e293ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 16:34:35 GMT
Last-Modified: Mon, 29 Apr 2019 13:46:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1108248
ETag: "a86-587ab8203d580"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2694
jake_test: Test_Pass
Expires: Fri, 29 Jul 2022 16:49:35 GMT

GET
H/1.1 200
OK 103319_ic.gif
i.123g.us/c/eaug_flwrmonthaug/ic/ 2 KB
3 KB 101ms
64ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_flwrmonthaug/ic/103319_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b11045a07e21b5b2d576bc84e26da868e0d3127fb98eafe6bbca871f087d98a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:58:59 GMT
Last-Modified: Mon, 24 Feb 2014 09:49:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1290384
ETag: "90a-4f323e491adc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2314
jake_test: Test_Pass
Expires: Sat, 30 Jul 2022 10:58:53 GMT

GET
H/1.1 200
OK 112108_ic.gif
i.123g.us/c/birth_sonanddaughter/ic/ 3 KB
3 KB 25ms
10ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_sonanddaughter/ic/112108_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d82ac656c0175d252d08f5a4c029cbada55a413df58910cdf0be7e6871226571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 10:52:38 GMT
Last-Modified: Mon, 24 Feb 2014 09:39:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1647165
ETag: "a50-4f323bea916c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2640
jake_test: Test_Pass
Expires: Sat, 23 Jul 2022 11:07:38 GMT

GET
H/1.1 200
OK 350657_ic.jpg
i.123g.us/c/anniv_anniversaryetc/ic/ 3 KB
4 KB 29ms
11ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/anniv_anniversaryetc/ic/350657_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a855faee9dbbd5e0e2ea4a1cc34537d7d931c185a272fcff71954a9bbc52458d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 16:36:16 GMT
Last-Modified: Wed, 20 Jul 2022 15:31:12 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1885747
ETag: "d8f-5e43e4a777000"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3471
jake_test: Test_Pass
Expires: Thu, 28 Jul 2022 12:40:42 GMT

GET
H/1.1 200
OK 347781_ic.gif
i.123g.us/c/eaug_thankyouday/ic/ 4 KB
4 KB 31ms
18ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_thankyouday/ic/347781_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b8d1a6e07ef3405bb00bf4c0e8480fd93e87e955d9f836337f71d89cb802ece6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:06:32 GMT
Last-Modified: Fri, 13 Aug 2021 14:05:47 GMT
Server: Apache/2.2.15 (CentOS)
Age: 170331
ETag: "e84-5c971591b44c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3716
jake_test: Test_Pass
Expires: Tue, 09 Aug 2022 14:24:28 GMT

GET
H/1.1 200
OK 112162_ic.gif
i.123g.us/c/eaug_rakshabandhan_interactive/ic/ 3 KB
4 KB 53ms
19ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_rakshabandhan_interactive/ic/112162_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f365f1c904e6d1176c4fb5d0968b97f5935921500f5419b9339c5a8a8a1def4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 23:31:04 GMT
Last-Modified: Mon, 24 Feb 2014 09:38:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1774459
ETag: "dac-4f323ba30ae00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3500
jake_test: Test_Pass
Expires: Sat, 23 Jul 2022 14:10:21 GMT

GET
H/1.1 200
OK 124367_ic.gif
i.123g.us/c/birth_forher/ic/ 3 KB
3 KB 68ms
45ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_forher/ic/124367_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62aad9438c4874c2dd548bd74ed584de3840217c95ff7e7feb9285acb9453b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 23:21:15 GMT
Last-Modified: Mon, 24 Feb 2014 09:35:50 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1083848
ETag: "bf3-4f323b2710980"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3059
jake_test: Test_Pass
Expires: Fri, 29 Jul 2022 23:36:15 GMT

GET
H/1.1 200
OK 337016_ic.gif
i.123g.us/c/birth_belated/ic/ 4 KB
4 KB 68ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_belated/ic/337016_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb7edb2e2fba8743800e7e41622628f25006b1f48020ca0fe48ad04af2a129e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 18:30:16 GMT
Last-Modified: Thu, 10 Jan 2019 10:03:33 GMT
Server: Apache/2.2.15 (CentOS)
Age: 496507
ETag: "f5d-57f17b0ef4740"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3933
jake_test: Test_Pass
Expires: Fri, 05 Aug 2022 18:45:16 GMT

GET
H/1.1 200
OK jquery-1.11.1.js Show response
c.123g.us/js2/ 94 KB
94 KB 11ms
10ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-1.11.1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 08:16:22 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2520540
ETag: "8047e-1762e-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95790
jake_test: Test_Pass

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
c.123g.us/js2/ 7 KB
7 KB 9ms
9ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:29:43 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1943739
ETag: "8047d-1cb3-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7347

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
10 KB 9ms
9ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 23:03:00 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 48142
ETag: "80494-261f-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9759

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 8ms
8ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 06:17:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 06:15:37 GMT
Server: Apache/2.2.15 (CentOS)
Age: 281288
ETag: "2c050-1ed63-5e5b4be87d440"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30681
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
22 KB 9ms
8ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 07:32:16 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1745586
ETag: "80468-57b2-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22450
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_subcategory_opt.js Show response
c.123g.us/js2/ 9 KB
9 KB 17ms
9ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_subcategory_opt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 08:17:40 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 878862
ETag: "8046a-2257-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8791
jake_test: Test_Pass

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
4 KB 16ms
7ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 11:43:19 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1730523
ETag: "80479-d4c-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3404

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 20 KB
20 KB 17ms
8ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 11:26:39 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2249923
ETag: "80460-4ec6-5e17a2e52eec0"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20166
jake_test: Test_Pass

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 214ms
143ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dfc5362060c8cd19a78c20279cbf8558c5353b403ad1610f19bb0434b26104b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: cafe
etag: 11442863251628688702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 88ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5767a39af793e2c8f31fe787217661ca8471c780ba9764a4a508f7fe807f1e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41862
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 12:25:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 68ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

615dc2fa7c0ce95f86b4a3648efb146118aa0e02271890e8ff1b322ceb6cc871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74908
x-xss-protection: 0
expires: Thu, 11 Aug 2022 12:25:22 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 81 KB
81 KB 18ms
8ms Stylesheet
text/css 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/sub_categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 10:26:56 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2426306
ETag: "805bc-14218-5e17a2e623100"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 82456
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
33 KB 20ms
8ms Stylesheet
text/css 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/sub_categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 13:14:06 GMT
Last-Modified: Wed, 15 Jun 2022 10:42:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1638676
ETag: "805c1-8220-5e17a2e623100"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33312
jake_test: Test_Pass

GET
H/1.1 200
OK clear.js Show response
s.gk.123greetings.com/2/945541/ 6 KB
3 KB 508ms
42ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/chk_script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b17866a9a6bd7f55bb6a801dd5803ff61e577a5f1e5d5dbba044c30afd3ca45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:23 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2644
Expires: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5ef34863eddc620d5bbb04e7ea944a9862de7a3ee9c7b0b1880f118b51d3f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PhGcOpri2gP6vPgMp/F/Gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 8kLjCsWgf9ORC36EF9anpxJzioOvpjgfXqPqLNwDRGFoQbrzdswDHP1xcbrSDzE/o1sd6durt+hIUusuiTujwg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 1d2a9b9e9e4930067c73dbb402cd4d5c
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 12:25:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d907d54fb0035f2406fcd0d47ad4ba15"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Aug 2022 12:33:50 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
439 B 11ms
10ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 18:03:23 GMT
Last-Modified: Wed, 15 Jun 2022 10:44:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2485319
ETag: "810fd-91-5e17a33733040"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 12ms
11ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 08:07:15 GMT
Last-Modified: Wed, 15 Jun 2022 10:44:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1138687
ETag: "810c2-1861-5e17a33733040"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 139 KB
139 KB 22ms
19ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 05:59:32 GMT
Last-Modified: Wed, 15 Jun 2022 10:44:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2010350
ETag: "8103e-22ca6-5e17a33086080"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142502
jake_test: Test_Pass

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 14ms
13ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 15:31:52 GMT
Last-Modified: Wed, 15 Jun 2022 10:44:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2062410
ETag: "81054-21653-5e17a33086080"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 13ms
13ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 02 Aug 2022 15:05:19 GMT
Last-Modified: Tue, 15 Feb 2022 08:14:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 768003
ETag: "9cb51-15fce-5d80a1da24680"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_master_icon_set_2.png
c.123g.us/images/ 60 KB
61 KB 8ms
8ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 07:11:11 GMT
Last-Modified: Wed, 15 Jun 2022 10:44:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 537251
ETag: "8103f-f1d2-5e17a33086080"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61906
jake_test: Test_Pass

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 428ms
100ms Script
application/javascript 174.129.142.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.129.142.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-142-216.compute-1.amazonaws.com

Software

Apache /

Resource Hash

317ef126b8fac157c92ae481db0bfac6e267a6fc3f50eba8b440acf723b1d725

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 731
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 401 KB
76 KB 12ms
12ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 06:17:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 06:15:37 GMT
Server: Apache/2.2.15 (CentOS)
Age: 281299
ETag: "2c023-64550-5e5b4be87d440"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77410
jake_test: Test_Pass

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 96ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0e4f09467c084caf5a67479121c6a43a502ef28ae116287d3cbd551a96ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28665
x-xss-protection: 0
server: sffe
etag: "1300 / 853 of 1000 / last-modified: 1660215855"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Aug 2022 12:25:22 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 13ms
13ms Image
image/png 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 00:59:46 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1682736
ETag: "9cf1d-42a-54a227b6344c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
84 KB 64ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=665866fd822375d60ba1bbbdf2141334

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

284763af898a7a61048ae18290de8a703804e96b8c080ff0ce5d16f139a9d941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/
Origin: https://www.123greetings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yAAr+SImsGtQRY0d9luixA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86387
x-fb-rlafr: 0
x-fb-debug: j/+R0nMf0Ox1FC6lVObmhaojybhjboD0pl1ZiL/64zn/bKuKlwjPP2QaAwftKADXl0KK+vKtPEp/OPhg8A3lzQ==
x-fb-content-md5: 769e1ec83171c032f65dc5774b82b475
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 12:25:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2d84b49ec809c7c1ee8245c7f105c932"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Aug 2023 11:13:54 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 203 B
468 B 21ms
20ms Script
text/javascript 67.27.158.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 17:32:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 07:14:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2487167
ETag: "2c036-cb-5e177476962c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121
jake_test: Test_Pass

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 58ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-47Q5QDHYDP&gtm=2oe880&_p=1872348996&cid=1541243993.1660220723&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660220722&sct=1&seg=0&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&dt=Happy%20Raksha%20Bandhan%20Cards%2C%20Free%20Happy%20Raksha%20Bandhan%20Wishes%20%7C%20123%20Greetings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47Q5QDHYDP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5003
date: Thu, 11 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 13:02:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 340 KB
120 KB 102ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9d2a0c0e08ad5bd149b127612dba3e2b86688b8c0707770d5fd1231dd525471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122756
x-xss-protection: 0
server: cafe
etag: 9820999160095675243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/ Frame E2E5 10 KB
5 KB 66ms
14ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:24:33 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 20:24:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2022080801.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 83ms
24ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134395
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:39:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Aug 2023 11:04:36 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 655 B
885 B 86ms
29ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d296131da814e68033b8f973cd34aeaf058191c99e1a265b5569d6f7d0074aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Thu, 11 Aug 2022 12:25:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
22ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1872348996&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ul=en-us&de=UTF-8&dt=Happy%20Raksha%20Bandhan%20Cards%2C%20Free%20Happy%20Raksha%20Bandhan%20Wishes%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=888389393&gjid=1224034062&cid=1541243993.1660220723&tid=UA-5085183-1&_gid=1963840282.1660220723&_r=1&gtm=2ou880&z=92544787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=1541243993.1660220723&jid=888389393&gjid=1224034062&_gid=1963840282.1660220723&_u=YADAAUAAAAAAAC~&z=2063346445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 12:25:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
419 B 24ms
23ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c2902d73f30c8ec93708074331f0452f64d64e7bb4b62ff965aa2e859fee4061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 86ms
26ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EF0 192 KB
48 KB 574ms
545ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1660217522&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220723078&bpp=4&bdt=411&idt=151&shv=r20220809&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2322548928101&frm=20&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220723&ga_hid=1872348996&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505&oid=2&pvsid=3363491782769356&tmod=1371378990&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd81e871128dfc33594ec41e43ee6398f5a9e6d4fe23e031fbdd7f742abf684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Thu, 11 Aug 2022 12:25:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 275 KB
67 KB 905ms
877ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3363491782769356&correlator=2452806138970804&eid=31068457&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=46400095%2CDesktopWeb_SubCategory_LB%2CDesktopWeb_SubCategory_Mrec%2CDesktopWeb_SubCategory_SecondMrec%2CDesktopWeb_SubCategory_LowerMrec%2CDesktopWeb_SubCategory_BottomLrec%2CDesktopWeb_SubCategory_BottomSecondLrec%2CDesktopWeb_SubCategory_LowerLB%2CDesktopWeb_SubCategory_Video%2CDesktopWeb_SubCategory_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&ifi=2&adks=3914305483%2C1127719608%2C4293624944%2C3694362538%2C3926068587%2C1178609660%2C2276923048%2C933155397%2C4230775942&sfv=1-0-38&fsapi=false&cust_params=site%3D123greetings.com%26section%3Deaug_rakshabandhan_happy%26page%3Dsubcategory&sc=1&cookie_enabled=1&abxe=1&dt=1660220723319&lmt=1660217522&dlt=1660220722667&idt=600&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1870%2C2152%2C2434%2C2722%2C2916%2C1157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&frm=20&vis=1&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x2896%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&ga_vid=1541243993.1660220723&ga_sid=1660220723&ga_hid=1872348996&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

dc519b7bf113cce8644295ac0682c0c6419203b865d4204c1d71a625053cbb3c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWy4ZPkvvkCFcKwdwodtIIJsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11436176916142585012/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWy4ZPkvvkCFcKwdwodtIIJsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11436176916142585012/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
google-creative-id: -1,-1,-1,99278132415,-1,-1,99278302815,138388526769,138321279906
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68515
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,237051735,-1,-1,237051975,5984529975,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Thu, 11 Aug 2022 12:25:24 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9E0 6 KB
4 KB 86ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Fri, 11 Aug 2023 12:25:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_re...
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_re...

42 B
780 B

109ms
109ms

Image
image/gif

174.129.142.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&dvis=visible&ip=178.162.209.132&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

HTTP/1.1

Server

174.129.142.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-142-216.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Thu, 11 Aug 2022 12:25:23 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2232359201.1794944&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&dvis=visible&ip=178.162.209.132&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 111ms
27ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.gk.123greetings.com/2/2.66.1/ 161 KB
51 KB 32ms
31ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.gk.123greetings.com/2/2.66.1/main.js

Requested by

Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:25:23 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 51462
Expires: Sun, 19 Apr 2054 05:02:40 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?oz_pl=1&dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&_x=1
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/945541/clear.js?dt=9455411658248091559000&pd=mkt&mo=0&si=main
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 46ms
27ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220723483&oz_l=198&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 1a9fdc5a-a7c4-48e8-bcef-97ea89848300
https://www.123greetings.com/ Frame 0486 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220723634&oz_l=4727&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 150 KB
53 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

233066a9c20261bbb32b49cc70104dc9e18a9ba13279c97c53cc7c08572fb76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54600
x-xss-protection: 0
server: cafe
etag: 17801636144801343401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:23 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220723846&oz_l=5771&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 78ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 55ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/ Frame 840B 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:48:30 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 20:48:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 840B 4 KB
1 KB 67ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:39:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 12:25:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 840B 205 B
742 B 49ms
14ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:01:18 GMT
x-content-type-options: nosniff
age: 1445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 12:01:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 840B 604 B
695 B 50ms
14ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:34:37 GMT
x-content-type-options: nosniff
age: 10246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 09:34:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/ Frame 840B 19 KB
9 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aed0221fdf57f8ebfc72bbcf251a01c4eca732d1163931c2e1899c469df973f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
server: cafe
etag: 6030533081903203837
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E71F 8 KB
893 B 75ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:39:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 12:25:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame E71F 2 KB
902 B 49ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:23:52 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame E71F 24 KB
10 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:19:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame E71F 3 KB
1 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E71F 140 KB
43 KB 63ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame E71F 18 KB
8 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame E71F 32 KB
13 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 06:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 23:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 06:58:12 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220724003&oz_l=2235&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3

200

/
www.facebook.com/login/ Frame 4E9D
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2930f85c...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%2...

0
0

108ms
97ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2930f85cf086fc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff9032e76c3c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=665866fd822375d60ba1bbbdf2141334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 11 Aug 2022 12:25:24 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: +FzfXBWT+4+aY9TnHrnC7dMyL3+XfAR3aFsRU4czcMwQ9zHrIrxXFnV/Za5yLI08KHlBXsHlwhl/1mU8PMMtJA==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 11 Aug 2022 12:25:24 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2930f85cf086fc%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff9032e76c3c6b4%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: YrRhLQaWs8k96JvD5oeNkGWwCcCw0zQHawHazNL2A9u9IJzeGPvrKeK9Aky886wSnDl8h3ASzP/EHnkxlwrUVQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 113ms
61ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dbde5df2009cf11c8b76710fe8380ff2077be63ac113599bf0e932d8de59319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11013
x-xss-protection: 0

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame E7E5 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220724162&oz_l=738&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 container.html Show response
259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE4F 6 KB
3 KB 77ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Fri, 11 Aug 2023 12:25:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5950 6 KB
3 KB 78ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Fri, 11 Aug 2023 12:25:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1AF 6 KB
3 KB 71ms
17ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Fri, 11 Aug 2023 12:25:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D81 0
0 51ms
51ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyyTklF6kKs-DA-_1Z2ZD2ch8dNiPVSZ1eAG6o0o27Whp-UGoh2Zvnpkf3B0ls1ACqrN3JIV4kqRgSQc4D932lPrkMazdC3Kx4vS9ppqrtrz4Hw58Z1YTwelS2_eFWSYi7UWFcixTry2hpGzAbo7MrtCuuYNtPdGO_5ZkhQkMd9jIqavhi3iTxAYhaIGiiOy2gwPSaB5AOc7P4Vh9RZj-LUueii3esEJ29TymxPU7ily8cjVC_kxgrQ8H_ibCS-icJ4nLGWWgxS6JCLHZC-4SjQfKnISxni3_5Uuy45dSWb64vC_eyWofVsfBsySgLFUU2vllLpjyUyQe3CAuC9Nw1c6Bp5Lk4U7XMeA&sai=AMfl-YTzCmaKCHReZHPAYQCxIxyTn2y4jM61neiKQxpm2grYJX6pWM6NtkInUHv8YK2at3QNDHaVfz3H0touadlstyHwjXW1QVEwmtfgLSxcE9W2&sig=Cg0ArKJSzI0jQUsubETFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8D81 121 KB
40 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c28d18e13b70ca6b1bdb12bc179155260442fb8161141d893ded04f093853969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40600
x-xss-protection: 0
server: cafe
etag: 5101732796626642011
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D81 140 KB
43 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 4ABE 220 KB
61 KB 91ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4ABE 14 KB
5 KB 109ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4ABE 94 KB
28 KB 113ms
44ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4ABE 5 KB
2 KB 120ms
52ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4ABE 40 KB
13 KB 110ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
DATA 200
OK truncated
/ Frame 4ABE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a8c1098da00214f01e129caa2de55778552b27b6a4e5634ec425addb2893ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E68 6 KB
3 KB 71ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:23 GMT
expires: Fri, 11 Aug 2023 12:25:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B683 0
0 50ms
49ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvos-1I5Nq3AOo4pSQ9FVPIYlDzpyEm4q7cJt9z8JnmbbLyQVvsgfyWzvl78SfTksm-FIKmEWZo7Sr8oCf_ah0f2-96gD0V3358Yrv24os00s6L-gdCXNeCIXLgyew6BRbEblgUST1F_e4afy0KzZS3nRw3aOdGCZ8QTQyxkVaOzaKczdcQbQVObBkilXM88vgy1eV9G5rOdkGscpFQICtOeVmM8_8GFWy_A1K5acrJe9USupb7StOBnbjInwGnqcQ9ZM4Alxh4iu_0uEwSIFXp82TvUCo1HhtgYVvwoJsqbKIl4pXfZdeZ-n4Ob4FxUtBVxZQQj3HSjlvE86n3xql59S5Su6YdBuw&sai=AMfl-YSvcKXl2CctLQixzLtRGxrmC7iVXEbJGfCFoNfuB25zQlMff5AfpPqqjrr9mTMjAKkQqrYQpuaBDREoRo5h1dPjuAPGqIY5Dm8AixdFAZVz&sig=Cg0ArKJSzJxNpB0RsZ1ZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B683 121 KB
40 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64833164c34020f22d5fe3c49467b3fb145e650dae3f7ef62c439e869819601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40663
x-xss-protection: 0
server: cafe
etag: 15667696958834189528
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B683 140 KB
43 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE07 0
0 51ms
50ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxC15uXg8ZVLywNIngCnNE2zFE_NiaG5ZDUMfwBjpRR9G_FPUjpgknkIAWusJ3FWXqXoYmW6IEWC884hkn6QflScNlENrOx_FLz2wM168xH3DY554ESd-PmHNk_eYZvfbD5la_688c7jrv0WFozKetYRIxsDjbbUNBZ3wxC1yysLLxILDu589pjEG8KAmfe2jn1vzb1C37GtwJ6K0mtXY-0w-CWFKSBJjPmjPnq6GibWvEqdWienFXfLgqOYQbd6AsPs_YbiljEs68xqyQo--1HXFOZwVrBFb6B0UrDwLUD4WiF-5rUXIBntS5yOs_HB0VQIl_H-hQstQX_7YAC3rgBIWEfJxvdjw&sai=AMfl-YSD_wDUCWhn1QlfSEBrRCTK9SZqcJPIjlgKSb2DUc22GPCj74l39i1gly40RRh-qAqZyDxcmoJVszNrlUWLvMuYVxF9vKuFaYBStBM_LmuH&sig=Cg0ArKJSzG-MqD7BlZgXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H/1.1 200
OK spt Show response
tg1.selectmedia.asia/api/adserver/ Frame CE07 18 KB
6 KB 198ms
140ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6805
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6805 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 807decb584efffdb3e88c2e486706ec4c83fec6d028046277c965987c5446daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:25:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5762
Expires: Thu, 11 Aug 2022 12:30:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE07 140 KB
43 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2360 0
0 50ms
49ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1AFiFd7VilpywLaGzs5iNgueudg3KJtbwc-tN0OqoUAuHAF3RSl7Uuik6Hmm9t1OouIUIgDwYqAPohKUT9rgmrSWrnz2kZ1-IVa4b3Z8wp0z6xCR2B_j8qPuNV001-huvfCvSCn1cVecAB9k_UO0BT_ra7ic5Wwrh1vBpVLZxLswrv5FDmmn_o39_EWsEKwqhpvN4Vo9uQCJEF_n0LXevYaxfl338WpOnGl0vNQb6VzYMuWmflQ3k7dMwhDEQq5GHY3yYVwkLQGUpdl1-ynm3ee2zF4zBtdoOE2OkoNWcu8jPntphp2UV31jvjlz-qU1tAsZW35RrRM_kN39Vx2jobNenfKKfhvRFlGT9uHAkB5Y&sai=AMfl-YRPDBPIHJGwiC4azfYKqQ9mYR-sPEnD6-rT7ZPNc5lJgp4kU30wKhLMmbERSkuaCdgyYnJ5iA3FC2OiVO4NhxFJ_eRBmLk_A5wDb4dJZX1S&sig=Cg0ArKJSzNhaQSaeniq_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 2360 32 KB
11 KB 110ms
8ms Script
application/javascript 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 04:59:01 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
age: 26784
etag: W/"d29171b34ea93548beb17fd35f5b439b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: -wWdAKN-VNhRgipVmQ-JqV5ctOm2blTwad0RvHrscopRF7WVk2l6kQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2360 140 KB
43 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 13358789744459950198
tpc.googlesyndication.com/simgad/ Frame 4ABE 104 KB
104 KB 19ms
17ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13358789744459950198

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7558125ba5b265f6411645f5652b0db3085bb0f81582fff1216a2f1518adcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:13:37 GMT
x-content-type-options: nosniff
age: 7907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106467
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:04:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Aug 2023 10:13:37 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABE 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 9409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Aug 2022 09:48:35 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABE 295 B
319 B 17ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 9022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Aug 2022 09:55:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4ABE 0
0 60ms
58ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Crg6fM_X0Yv7KG8Lh3gO0haaYC5a0if1qmIGW6tYQ2tkeEAEg7_aQIWCVgoCAtAegAYbvq5UCyAED4AIAqAMByAMIqgSFAk_QoeNyLu9vknFG8sxOcX5nSU-GyIgIjQVYesqQC5rZ_e0GuThgrkcQQfW5C-usc4Erm2IcbkdgBvw79U6IiMbrtE-ohLaEgSWO7YjMYWsiFMM5LjzEUbq7E9913wOzS76x7mgSJW3TiGMTnn7psORnZY_0L6qL_O7ICaADXet32BWtjJwsWSXC8x-8TOkSPuEghhkju4xIqpXOlg_GjqRV1MDMvohbwMk7bWdKHvh0NqaaZ1iJ2KkmuozklP_hhXHDf9kL1mef1BnfjXWDJhjPJt16ElH4dwiZZmaPzReLED1zKrTyzNqLhcSz7qTzpa6oJn6g7uHleqEI9lqsq7mIzPvybMAEn4bZ3NoD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB-KQ1OoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrZ8I0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=Twl-etlinds&uach_m=[UACH]
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
BLOB 200
OK 9972f200-1ce8-4024-a91a-73c499140b52
https://www.123greetings.com/ 787 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/9972f200-1ce8-4024-a91a-73c499140b52
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 787

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ Frame 8D81 340 KB
120 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9d2a0c0e08ad5bd149b127612dba3e2b86688b8c0707770d5fd1231dd525471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122756
x-xss-protection: 0
server: cafe
etag: 9820999160095675243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame B683 340 KB
120 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31068911

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cd70e1897e4743d146d043ee6dbea927500532062393d68947656705b0dd90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122758
x-xss-protection: 0
server: cafe
etag: 9281126172446204835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
DATA 200
OK truncated
/ Frame B683 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43bd07362020d248f48672a14f31b12c307912439d6d1de415e041b04bd9fb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8D81 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 786ad844f6dc885f3f914912e5d9e12bf0e8eb082aa33e71e679d979c0c8384c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2360 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40d6129785c645085d6beb6f2edeaa34035ba879253da057553a4bee511f897c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 57ms
56ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220724382&oz_l=15131&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated
/ Frame CE07 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe7507e79125daf11cb6b233c0cd032d17d33f76d1962a33014abf7925b8489

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0EF 13 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:08:27 GMT
expires: Fri, 11 Aug 2023 12:08:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 851A 783 B
1 KB 61ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00479dd21eacd546f50356a00567379c26bac239d3050dad0c5e4630f75ea189

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pr6whjf91n5-55evQRRVAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-pr6whjf91n5-55evQRRVAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:24 GMT
expires: Thu, 11 Aug 2022 12:25:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 35D4 624 B
297 B 26ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3A9QEQn_-GAhiY5_KeATAB&v=APEucNXZP9R2yxWs0KHd-YNZxRfb8hQynNbEKsoGDOvb8hgo2j8R3SHEmxoR8-4jO_5dRa_g5kGPJ4svyEqNUAdq5ZdYovhl-xeszyXFksVFJ766GD5P0iwPyZOGzmGhH9HCYA22SowefDQySlXKgwBfpaz7IUNXCgrBsB181s37oJ5tGb_IT-0

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C1AF 84 KB
35 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFgxNWaepRRuTMrZwpctWuIvntBEv2imahvj8HY_tPqIO4rejJZGhFx55kHj4HzISanG7-219-HKCEMWxNSzOPNYcphPQ6apGeoSunw6rvYNm_2CH9KZftv7e3EQpRbN7RnHfYbe5HkExy4BuQt9E_AAJKnA&dbm_d=AKAmf-CIeSY9bnQyH5FB4iCvtT_eU0e8_gXckBqTbhYt2LIqe0dXfnOMUuAqPmxcgsysSTkxedbtZAPbPUvFSoOglseT9RsBkCcooWhhT7-g-mpGmISvij1IU1UN_QW9KJstHh6U6NVQAzj1jxD32moK7C2MQKiL-WTW1KZqg5VOJuse9-FJzfLGSO7UCwR3EMAv6GwYtTqu6nF4sOLOG9wNgx8JhxoxIhmnbeZAnlWC88IR963_dCHjZOCHsMaSo4VxlinMzD15qH6XQNfVBfIbWji2vHuTG1qNTWT1MGD5W8qQ4HDsvvi1LPvxed5PTMkpxMbbmjQkQxVLCGz1J73G7ulYx0x0fUqjTcftaoFsLgQJN3VxZwi7C0C5xEhG0AhhLk_hiMkkUiS0il4IQ3G9pAovipssI-dH6nxKeoKQkqvc5ZODX8wcTeqxdt8QKhsKAuEwefft3UcUdl_IGVn9YLS1I2-XxWZXS2YobKmPj91bhPQeuD6dR8ArWvHKT90J_dHeelkEc_FEWVXqj_2sFfIpxNTwvCfdaxJByc24yPFbodb9k6CcOEhkT0OICS4NJgJ9bgLfGfJ1pgt4g2dlMYlWG3t3KpNkR3y-E7aiilyCxpemGYe4Wp0u-N0PRCb9OxPm-GooC43VbayCXHLAKlQR-lJNoDvVpyT6PLL0RU65VUiNnqfOeQafv4qCrKqzKY-YOoG9lB1dG51bTsTr3sXxPd2r5X2GnHqi4mUOFz8WIXS8hA7d2BB2c6e60ZUqCpCWtFbpA5wdRsge-2VoJNJP07rKcJj1V8BTV8WdSF9tobL-EPHm3K7tpu3rBzTr-1iqOTOgM-_fmAtRtogaPJ7dykW6WST4eJuRJv8xYYL-Iep_6oLF80ovEgjmR3FGwj5HXi4jFe7tot_BW3v8a1kEa-0nJYofSw4RiAMCGYQqFkZiydXLS9Umf95ic1gqGJHLgRe5ICyyRzMGba5rCAfJR5-DavmBOVqtP0rk_2MsLzHouWcbt2C4UWx2deFnq6l2hanxLhkEDiMLkq195SaYatf6S1z1zrQR3jMLehyYiyI1ExC3Bzb9WIbpr0bMnFiW_j9BHlxTzOPIz6OlxlD37qdcBR_i7gmQfqwL5SZExWJTmPE0xeWMC3UJwO3PBAPIuIFLasSgNThUidSGmY4ksSPb_y6oHIE5C1PCYeY3iBHOFmu4lMSDAWBjP7-K_DTFVmW_uHjq4CdGd_vo5TBiLcPtz0bHCeOfkKmLnjxRbL-tKzSg4YnyML2QYl_z5SlFWvyFK-sSItqcz9r_8cScgyJUHsO7d7lbG2fbjPtlolXCi75R5d7iE7GeBjDqwSjhgajV20YKnI_TnOf4LFVZ5T9JiBP1OhxtrApXgvZ3ET6XwATfXKF7d6uOUa9YdhhkjTm9q9UJCG9Rd7dvD3jW2S0augv5ZSgK8YrhTjK46kDkmRUOzG4RCvuvLnAY46m2348FIWRpqrEvYH_woxEkmvsHpcnszZWFpwkdPPU2cLiutEawuB1H73gyzKCt85RdqmufpXGM7W8MTLC6FqRVhwVNlJc8NAB_oO9Db64twj4khVKT-ZbMVPpe6iJUXn9pkUQq3DHcxqow3RUjsEZ-v9JXYEOPMn-7iLwuBVKCZ2ICuoQMbI7lN_XYdLu-vIpayDLjnSkduFT8Z6VZgWOUfjvQpvIomb6Fyaa6vhRmi8oC-4pkbUTvzvsIDYS6RfYfNV8lEVzh5DnNVEduAEyVsO4Fzn7JSph3TRjGn2PuFDurK9tKiC17Z_7NNVXtSXXpNgRLuri0VZ6u0YJB6kyVeSWTOyA3NesRfPgKOWWimSffdCHKSimjinuFdTOxoWo0QnEKmfZwhwa6WYaPw0ddDMdhvid-R1z46wqN8PVIkx93t6BydQSnImtHWP8lhefWQMLgqBPfgUxWOi_azihOEebFXpM81Fjr6cla5TA18q-qlhLfRnoBLgthvV3U_KdOna3FjWwfbrcNnTP1o1IvUmrxQvKbI4AYE8M2oZSZJAeW1AQVfrlpOHpsXhX0kcqr8EGxGwfQvvDaBzXFbmTXd9w1HPSRcEtt7HhMjezM1tPffmXM_sBAAxdEo5e3NzbS3KuKML-oet6p22NcWhLREyqRYVpuqgng5KhzrHP2IrmRjPiOQ-kUjdKuyNLA6x91-Rhitiju2cYDvGKmHm_tQJBwqad3abLO2RSZLU6l-eSeQVpz9T7W481iDZW6AJdgTbYVuz1s1iKr3OvTy0LnXhq-10lGFrHauR8TnrdiyDWFszqKMcH3-oo8GGatOQAm5PAZpogLcsZGUVXY4WvTm8kOEgp3zSf38ZCcRPDvPpx9lBTvf_m_2-3I-vtv6xqhkHzVIukK9gbW6_UUpXs_s4hVrFnIIND2itwzhIQr6GeVePku7EyOQ9WyrhFVCQMZIy9J11wgd9g4thiR0TstB8uRAFJf6ctnHPxPn1nCiVkLUFkh-3fwJjpL-XqOQwHFzLFKiXRy7BYboFmWdjtXS-umterSV1l_MN40PQfic2ihAlWUp1MONvXq5sx7x0TZyWSVnjZuu5IJADPnCkEWPZk3gX9kQ98rfy3A3vynA3mQ5x5zRyzXRJbHWgV75ciFlfNKz7W_OUDuU6rQbfTXtMS7v8_kcExILLW8Rp2w7hxQAc9Q5SXw1csu9nHf6ZTPHoOjbUgKwukoEUUG626OmUQOTs9TLP6nPGI4hlzYP9TTaNM2nGTJi0Rt9Oiuze8Ocrr9W7wcv972NcsThZVkNYAzz_AGMCpIu03g4qkpI8mJx18UbyVY40EeI8blsYlZkFO3DMITJsRFUZkiDeqYUbDHMPw2JShE1gdRULUmMEOQznYKt7iay0v68crS4oBI1Tlq5Wux6PNT4On1b3UhkN6PUEbWrtNB9us_qNU7PwEoqwJbLmu-C2zLCzWuelPu4nxXxpZZK9oMyWEEUDv_DNnGz3ARoF_r8UC3u6opz0P7QwiiNAj18Jcg9-QVNgzRsUlenndLbM0h9z6EyYs-k1674LfjCi3e6Uael7KBlrig_ccKydPFuQmzPFpJEKoadxf8yNMopmcF8w8p4Jgg2TpRyxCrAAzt6BonnUbIHckNfW4ojtWLKhL7SyfUj0-b9j5ilYfPReM7-lE6-q3Ctwtx7JYenDF8XtJWof3LAagAD8A&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463e45b8a1543eebd7a7904db6c08cf8d6974470163b2047c7dd6d8a24cfa85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1AF 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQdUnqm3y9ImTl-IXAM2mnJszh1kCnxrbhbQT1PvNA2UQjjm8FFJ3w80ypcO74iySPhqGrGYJ8CdAz3-j879_bnv8gPueKPEHaxZm11lx5iAUlliA

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame C1AF 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1AF 140 KB
43 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame C1AF 18 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/ Frame 27A5 72 KB
18 KB 15ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca73da8c1a2ddcee2419b1e2707d596876780dea600f5ae4d580c52f8d35abf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 318108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 17947
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Aug 2022 20:03:36 GMT
expires: Mon, 07 Aug 2023 20:03:36 GMT
last-modified: Thu, 25 Jun 2020 05:51:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5E68 0
0 64ms
64ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbj6-M_X0YoXNG8Lh3gO0haaYC8zQ6M1pj7yOsv0Ll4qA5o0YEAEgheySAmCVgoCAtAegAf-HsPkDyAEJqQLUtPo4UE6xPuACAKgDAcgDSKoElAJP0FSoFSorgs-IB3GXtm7E4KEaiOMZqWiVD8nsqh2jTj_9Ag6WDsN_nz0kqDqKrBhITPwnUNRfdPan2ug5EPm9GoKrXpLyhOUjmBeZ9zX_iDkeo76EVFekPiGviS8QYGr0jOhX9SQJlXpUreFikI0vnZUapcgj1QDx5TNMD9x8XcEuEzUbSYp0Kelwz1VHfFuly7f7BtL6Vaii101KjGp2lXHrmTsjEkMSXzY2aiOqJUSV2OzR3gill63IgJ4gqwPLhfgsz1CRXZbnTOuHOSa4Xh8wqU1Ofq2fzsU0srUxJ7PUVfoB47lf4bOYOFeRZstM19QwAXD1xZgg8VqYIYwj6ZQQVm8C_qpp6rnQ0IeZDN-pAMPABOCx5qiXAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfp988GqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQsfDDBNIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQY_9cX&sigh=FAXAzwOd16I&uach_m=[UACH]&template_id=419
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame 5E68 24 KB
10 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:19:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E2B2 640 B
316 B 25ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AE4F 94 KB
36 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE-sqcWqf4TxoygZlWyct0HKj4OQCYwccYdARKcU2BY-APi3zjWQe9pz7zRpyHO8GFtdtfzWXM-T4fwDbrpNIPrB-cRQ&cry=1&dbm_d=AKAmf-BCij842SlG9R1QaSf08WcK-Vl7UdrFspDacnvS8NTdFhdmMan-RxZVHmlOVDye70sTZizsrEeNKan-SoK4_U0Av-kFx0s06VQBmiTSKQUW8zzkeAK0EHFmg4QUeTi4uReXYd3Go1tX3mNIBrgZuqbvg0yplL8F5moQJas7mYZlisXyrMLmWaqoUxT0HgeECT_xh_GMD0rUTzJmjRAWQC6KpRp6Ma1ksYTZg6AdKLE42cJhZETbrhr1qOG1iJr_qS7w98xJkwNrzDLzGW-wLuiHdIDkJrzeWf36OPFxiM9zWixZWhg8I_9JiL8aZVXrQkcNH0x3R6538NDDrFy0TTjXP6ub_ZhW0SnXtycGRWku26KyE8Z_ifVuOiNKTCzTr6QSL0oQ7-G9PzLc-Yh5w3265ZUFCUadWQiTQdr1b9pxkZsuhuwaz7bRPH-S7mTAMmv3FbQCVz9-SJjtWoJEs4a-ggGCr9GrUbmg5VbGx425dR705jKeMvopNqUT8BxhPc4Y79jLZ96OMZXvIQo8fY9t9uSGyAx37TJAJO3rRYRu_ev-L06ApQjk_pSehrXuWUvGXV-5giVOcDGJSpcVjtJlVQ3Nt04ocAFTteiJnsUdj5cC0q2If4cthd2BUTRlCNFI6Iskx3tYNd-bx9qJDbmbYbFsN-89rn_1SIboOO3Zhl1mcEUx8N9zpCtXXevhjlnzNu4waTazBoxfSxI9KAbuZ65rPvOgHxD9SP8Inebf8HVKoffOChEalQ5hqvrG2igFrGjKepnABZ5umPGJihokHIvvL3_Qt7AegaTpmxLD92pIHUt1AgmjKws9rZiv9AlbW581PdqySqKrU377MNKNEdgFQHRivrEUt6c93J7ex9N-rHHwKEiWHAxPH9GG4YOyfTZ7YJOGS_Q94SsyRai69yoS60ey7PfOYSrkfX41HKhUUqprEEY9Uah76HZti78qFGMmF_HkgVdJH_SfxEyZBofMq2ty-RQrK6H4qjgWfQTtVkU1v537PgoukCbA2AP-fRYwpUlXvzp2IX1X8pwU0Z-ZzFIUajOU18tmSd4uv-gpP9pNLmxENYCilKh2HbF8tQXE1QZMK6GWpShEAPzTOe8KTiF5npuQeKyWSMMlFQJ3Lh6nKNzcV7CDvwOyfPpTKXRzUqWzr0Wxy4edigsEVs_VJwigwPoRAYsWandoyN-5yxt3yuBkQIkPgzQc8Gqvad9_A1vXvwLX3CZR_N1s7Pw3q5Tvp6A2mbSw_xDpoCmRjXoPlxsMa20lEe6jErzHhnTW62UHax02Q_4NDV09lgr9UgN8yAHJjlVoeAuuOmIVGODPu6-4Mb88SBZDLNqEFi3koKXj_dUgXJsY6cg3nHRCb--ElaWPu0MimbZpPB9mzVsh4BwZP4Oe0jVtO1pR_Y7aYWtxNSmoFIvE8_ZA6KnPAnaPxhFdm2PmgcJlodETn9BO1jeti-aMINGcw6BtekD95ZfuWSCQJnA1ZmAVn_1rJRQkt5CDbDVF9f51Epv1xFLrf8ccu_5Fw6yzM5SrdPa7EfT7DIlte2n6mEVcZTSY0YXgUtM7wVvkAaJsneeN8cy7y9_NPOVjwk88SQhWHaP80DBxLvUiMdcXN-y10kufqRSFNxo5rVLhooFeQBMl_ACkTGz1YAqDY3r9--kHJ5st9o0Xl49g-5Yo1x4oGD8HQY4HiLXaasbdLfpJTQdYP-t3rEGAirpIslWL6q4LUZDHs4UFmf5kXZxYCFRnk2QLIqH_Kudj0czuoMA9p5-BqSITjBmYZVOdKU_cqTEsziEqZtlPoZkjCgUl6dxkehPq3oK4-DMDZUkmyrWgiSd0XGjx2eJJNlo1BOQJawhv7NSICwJgqxkBMa-5hY0KJsJ-TH4khaDzEMBO2dOFD19srURTJYyeUzn1MQ__lth0vgB7C31E5k0YEPNMa99AvD89FcnE-fjm3L7NlFcaQWqr-vnDyEOj-qWdpzacJZt7HowNiKzHFj3hrZcqmTqJLyJ2FfyGAxczAbr3WaMHl07Tn92E7jlM_En_tZZ2dgt94hBgih_dj_F5mvmq-lCWe9Wfo8tCuX8VTq7j-YYO_ZFv735BmOFkwa0TqmkRNLPo1jR-LNcy60ZSpF7eP1Mn55nr9Cu7a4n9e3OMf3UmDiQBl7a_T-JsB9SWCx91dmJjl54hCCoN5mmvbU4hSpyzzOj5ma3nqggJTLGxLXFV0JPShfSGMMQtgEhRXcR51tcAfxY7kBWYnFDHjQaxeikx99tL3AnzTBMKIub8fn7SmBECjEO7kKMrI6oT34HNPoFdAYKY72XkAtIHt6CiUujnDDyLHZcoWon2wf3kEHaLeVZG64pOQWbybjYdR1goz1kttSWFxuhwjLeSOaPgwrRVxgj1woDihb2uS5cCW_1PdbkUIQ9370mcGvngU3HJzxBOMrZHGUG_fnNR71wn0TY5miY-LOa6uAv_pi3WsTyNvaE6bfd_1WEtsQPJ2t2Mk28VlT6D4FbpS9SiwW5lqnFO0O8t-TcO1jWm_j3wH2H3STcrzywJ_H9wpuygK9rJGyH7I8xh96uTdXVXM4pFeC71mirkJ89mPjJqyoAPcWRTmw_qONql8MIrEcXQCcnJ_0iHD83ev7A8i6CW-ZGpJBYJVSq7MWJs0zPOkQz5w4752BPF4RqnYHiStLOjO5o1Q7oBAmKXWJZH1kf1fIHPafoB-f6h2a4a4dEguLKn63-nWDwsyEaVBQLtVutQW844NETY1YlNh1XE_9LjPvbDKZmwxScWt5bOWeVdGIwq2ZDUboMqNvO4G2xyiawyY6zHIQHM2JVohbuy1vHAiTJ5YUMG7ecqDL8gyCIQJ78VuFN8dHCC-MhWUNseiRYizVR6v_OG-rHEH2BjoNX0QygTmgexyA61qcYZG46xDoOOcGqwELPZuhNeUV_pjX5hEieiSeuTetCvXvQtmQp6tJjirOA-i9FW_OBw0RPG_Tb5oSlWdra8r4VHha_o2oK_9L-frjafni3FTQWp9QIARytd9U3ho3CFJRwb2XQ6Hs9f9ZrA_RWQK6qgiLAySbSVyvKNhWPn_vOROCPjtpGoPxvEKhS5fk_ZnXE7rNgQOBh3rWPirEuVySWffIODs6Cmq0x8lIgP57XbRqaUDH2K_cYxqPpdXW81WnEx0cykqEPzacSvN_rmcVeCPhoPUsOO9wzcroJqwWbmUDsfT_74-PfhLFmIRklwnTyBTXNUHVt9ZH8cy8lgUnp1RJi6U9uAl-RQU-Wt5__y-7d8dakxgryVA69R5H6N7aCHCpZppIptq1-PxSYN_-su7yJAHxKWDxdUY5k10yEK&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5da915eb66395c9788a006a5386c57441a6703c8955eaf8806f15f40b94629b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE4F 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7a9xV6udgb_dT8_6bZLzqxh019ZLrXTUBBovMNQHn112GzhhyGHah4RPZAUGdQl1N457HaFbR1ijW6dvXQdROZfUwIB3FprIseMPIm1CNf-OkuDU

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame AE4F 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE4F 140 KB
43 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame AE4F 18 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 694D 640 B
316 B 27ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5950 94 KB
36 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7lXodk5lgvd2o4JPrX2e0IHM0Tg4HHorGwVv86ApU-h9K1n3Pb4uMb2to9-_zjq_3kEMI34Z2GZXhiV9yOMLAIawJgw&cry=1&dbm_d=AKAmf-B3_5Mv9i3nxyW1MRcmRq8GGZl2LSu4sQQy8W22dd1XDhaZcuaWKscZk_2TpkgBFR3cXaStXgMFUcxe0ga-WKhD92HuCCpL1FfZ-T2gAmZMWvjMQvIaRbx0saDW9oDEbCxi-02IbE69euoEoZiEoqHGhisF4lPSURTZxyGDI0Nap_E_dBhZMiFUr50c59RmjdOtznS9Dp1lOInUzcTuBCz5SVm0xt0CXaQcOWTw-EvxxAeex2ezGE4eLLUw8ooNybsaG1eBmA0TP3ut9jjFlq6gNLQ1Y5vG6WRaINK7PzglIvp3O0TfXet6rV_Bt-PhUPv5KGEC36viokLW9hinbjokMkGud4e1VTZq1KjIEETU7NwbuPFmM9PeYWFkQ237nlAB28tAtnEYHl9CHwMRcDOO7ZAEYB-z6RmxosPS-aUyBUKrP0Hjis0sbK1hlnKgVXeqvcxqfw9656h7LKVQGK6T3k__QkG_ft1Bd6Vnh38VsX4xZ8I7QfW8VQAOKJ_fY7xRFHp85syPZKGvGkIEP-fDfpYEdLonfH4zNq-MLr-ISjUGYSyTRbeuxVYQKSNNcwJNx2-m5y3GDi2RZGCJgV8sAdw4my92HODkvbDWaXkxviiF3DCHYfU2n3t6k-V4FStYgyp7gfs-wBNv7Psq06AXv_uLCIFogfUXzoUVW9XJMV8fgQEtY9h7rh4rk_zp2_9JvpQbWu9Hq2cVxiFMSFlBLujppdAO_CA-YknXSZRe0W6Zv9i84MKjXimFCLhe0IcC5Qoz9oqyq2dHB985OUz8P3DOBVt1zpqzImbihLOCd3znBZzdT8Le2qNs9Hfr74g9S0hEGnN92JD87v78YSNthtDX6d8x67SpWgLtcRyyiaX3ro_jF8EH037Jh41mEY6MBRwEEJPCRaaU7tg37vtMKBHsBOls2aSj6LiwavofWGiLbl_SBQ0v6sYLfHffTspdirxTOvyQlxe5qQ2SqZ5ts4LW6AUhI39wo-09Yyx8DLcZTd01qKMu2VACU2g5Hs9Vs7EioaNE1AkesUh2ELNwYUcdyE-slbWsO64E7Vt8FpdFa7lhp-iQh4vINJ0IOS6t1B4vxmMiCbdidAqfgAtehmUzIrQdtpPZuVKjUmKGdH_hvMpHklg0GWPZFTEeqQOY19uAqkm5TS9H4s4IiuWHDf-IFm_LXMdGSnbqi9N3l7RuSpTykGh43uwFrBZdJRXJ1Bp7nzcfmEutCOm_FnS3FJRUf8e8kw1sxHy2dPHGv01iw8N0V8onwdhBhxMs_86JJKKUKLGckECkr0fjP2kaKEC89PqNXJ4Olujj8URGsvNv_pGe0a8Rp0QiBuzG0fpCowU9hyINCgtW251P1SibBi0qcaEeUtBjokzFrsGEDJFik-hGPcOiZmqrZEK0Z5_mCMvxJBuMSzkM974QaSUB1w2Bi1sJ7s8RMn5RNX5Co_Zl9eCGwVKOWW78S3mDWVyN9RKYTE2I-CZzxv6WmTwY3W904WQ--W93-p_7IM3748xitVZ_qypC2luFGqSw5p7QvmpamQ4HNlqHL2hrjRNiIZnPQ66MOQAFkDNCS6w0rzHGvKm5nI0ExX12nbZ6KFa8DwnT4QBTybAyuLQqyRMXIQ8e1RY5XcB8vyqoSMrX4YzZ5SqKrv9SUtdUM2IcwrhQ2uFn3OwtD0rqq4MjEn2McpZwqgQem2aw6HJRNlIk1jPz4xXbzq4KH-pw-qSfMvmOTnoo-CjS47BCs8IflmrA8kzJ_aVQhaN_XyoJpcEEqrgRrH7l9o1i38-kNTXuoVQXa6EeNzpCQia6hhou1bvuhXUiLpSOuyGuJdeZ3iaFgds3kPc0_JkQIfusduxIbQOf1mTloy9Qq9BIqUNfpJ0J_u_Sk5T-BR-605fCS4SQ35xqOi6BkbN0wIxrbeW-ozUQGz8eOgmiOmRcEghZQoOhwi21wf6okrbGRVjMmKGjnq-NWzAzQErm9HYFgTyzzVm-Vtb_TCKxABcng6mGIWIFw0WGxJ2VYMXVTjAN6szxHSqPi9iVyBYVe4YEJo81zcjYqZplPhNAuIMvq6Wr59cOyULzUxFiwIux1hLd05fSvqLzgPwzRxHWUacKEommtQwrE8JZ4dX8sOXIZt1UzPYj1X1SpDM7RTL-XLJPJcyqAXGjxVPVoc2r1FuXLeAQzsn47T9BCAA19IvDSvqIr4vurGsjP5RRR83UAEmfMPPVApxSePL-rz7K1N0PxUo9dMzR4s9msR8fcwkBToQd0V7XNEklOLqNfk_3WwVj8ARahBrc2zqdtyzXMJar7JQwmv1gICXhFJnZ5BAEixzcCwd7-Trd6pQPLn4o6l8gDSqba0SxlKVkTb-BznfHsrH4HI0yl8I7_cLLClzkG4BV0eubNFusXVlAHC51zdJKF2Wd3p7cuEP4rydZCOVF4zZBmExODVfszFJzXrXr7DSH8iLKjG-SqY4EDmUaNfpq62hY_FhXUsQMcdCNbnrpuYyJcySx9eIhTxU-aJFEz6W0zPGNVwgDWcTeNegepnxLESm_o-TUXFDs0PiccChqhAaOGSbaM7DqmuwSwyUH3KUhxO5wUjX_xnYENC2I4uXqYzq6DIx3G-xJxceeFKlWrIvMgYpJxaGSqc3-WT4VwcNXnFQfGyAXs5a--dAbmsyYlRaRIUIEDSq5QqQBp2S7W0Z6z6Cwl0B5Bpa0VMXSUPbFmD-Hx55iU4bC7mHICx7KDCY0GDXC7PCpzhCBfu8SSPgS6fgxw-RcSMmtc7H4Du-yId3MY8xJLEmZ9TJyI__d2uG6o025vzQYUUdyOLKLAcuDQFFDzClST2i9s-qdrDSUxK61iattjjvYEGRZPKy218I1SsYar1TNvf1rJJgOodjdoHBvY1KbXLU6GbQdZFDmohurCcTpfLEXLRIcyK92A1FNPlmo6udmDfz598B9R6JYZvzuNII-QIYjWi4-g0_2Q6E6KUFXBkBfSpJlA5e_S1GhKThl2unawMyLvIXrY-Kvsf4F8yFS2jpb4SGXCgacSvh1uXk5-f6GZYL6gFg8aBLebTOmG6HrbeJ8ztu2VQ_B7sGZue2piSeQnY0flmBMb0D52c1NLathYxPmWL6nchNKuqDJ_UDIuCSBBewDVXGn6lEPuOgQsZy1TbTK1OdbEE8af5_t870PNlGyhC6xIMbzItC4l2iYM63GnD8nQ5Kez_OrU6QA4wj7PY_mmbJiSbOxt15AqKUP8eiBpgpNXGq8Ca6CEaRNpjhePBdbbDN9vdeKQcEM2Bb1A9WDAXmCVkbE3U1xpXXQPmDXkYy4YvN1SWxPhKZNP1MFSbiiMDDXZJEiHLqb&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94483fa397623f2d91fe4f12811c1be073f7c61f5149c6bdc4c443ab2f1cf809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36892
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5950 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgmuF7CHvVwldP5C498SjnlyvT89Q189iE8MoVb-aycFbr2lp-WGaMZQ2rRGOOKEg1Ar_q8V2xXjMLfpigMhuQ1cEBRLzsVlAZQDxuXYqLrBNwjXA

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 5950 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5950 140 KB
43 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 5950 18 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 2360 11 KB
5 KB 70ms
9ms XHR
text/plain 2600:9000:214f:e600:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e600:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 08:45:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 08:45:07 GMT
server: AmazonS3
age: 13201
etag: W/"adeec079b9660850cec7d21b61dbb895"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: IRLC4btop5RBAvDxicbr8L6jcATRt9HJIVr0NiVibB3w2R7rNJba0Q==
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 2360 11 KB
5 KB 69ms
10ms XHR
text/plain 2600:9000:214f:e600:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e600:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 08:45:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 08:45:07 GMT
server: AmazonS3
age: 13201
etag: W/"adeec079b9660850cec7d21b61dbb895"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _FokZQQdDbIvauFbdsrqkD4RfjWnxVdD-fUfhLi-q7ytTdJUonyU5g==
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8D81 220 B
226 B 21ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

78ac667e9f03ea5949e99ffdcebc7462957dea42d99913e243d350692d9221bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8D81 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8D81 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFBD 97 KB
38 KB 408ms
408ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f25405dde54e641ed5d49a76307df4718c1ddabe430c017dad3b42b457892b74

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGqrZTkvvkCFVRAHgIdHWwDNQ&gqi=NPX0YvzYKKXXx_APjOS_iAI&layout=/sadbundle/%24csp%253Der3%24/16812334555823494425/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 38376
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGqrZTkvvkCFVRAHgIdHWwDNQ&gqi=NPX0YvzYKKXXx_APjOS_iAI&layout=/sadbundle/%24csp%253Der3%24/16812334555823494425/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4ABE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
41ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1AF 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220809&sample=0.01

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ Frame 2360 0
35 B 526ms
166ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT

POST
H2 204 /
events1.avantisvideo.com/ Frame 2360 0
34 B 526ms
166ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2360 0
0 105ms
50ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYbnDca6CLKRerA7pgNyIsDIQY5f6XQ1MazHwikEEhwKcs4wAoMGV6KyvbqCP0UQbtJu_JsS0iLTfitoC1MkZyCHYJowWC_nzt3QmqxbC_btMenayYT_bVWXCPc0H_rRzHYKgwqsfk16kN8FhHJHNWGkB_MX9mzEOCuw3h3sBIei_iSCmgux1N-irY_NQqlZWNzGdhemLY7-pK9ksc5uDyedcn8jU3S-poyJgfpOT0Q6f-AJ2Gg0PixBwbyAA4DpNvUD046g23ekV4se8HgIL7mF-PgthbGAZXc8UnbQNvCmmMuD9GNzLzq2LL1xcWGszKgC5O5Et_jvN6AdQA3jyt3WNSJ41rsg9pFWjOLFp0z6DldA&sai=AMfl-YRBrVfAPcHKjHIskA5dIqdH9IzR5NwBFSyDU_rrVIy6GPqg-rgHSH895NuvFOptYNE2nYz1VZgGsyiNAVczD0MM6--mcO-ET6mWk-8wzctu&sig=Cg0ArKJSzNcZqqoBSBLTEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 46ms
8ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvIFJkXr7wn_W4RGvm5hkA62Bk9UHux9_A8ev_g4y5jgUpBDbUv8YdcsPj1jmTa9ukwVc5gajp2mR59hlir4G9mCPzAfV81
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9902
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "d53cdd7a78033fb87e44a85e2bf6cbd6"
vary: Accept-Encoding
x-goog-hash: crc32c=Q3cm9w==, md5=1TzdengDP7h+RKheK/bL1g==
x-goog-generation: 1659879239336880
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9902
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:24 GMT

GET
H2 200 track
track1.aniview.com/ Frame CE07 0
71 B 299ms
97ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&cb=1660220724733&r=www.123greetings.com&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d65=&e=playerLoaded
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B683 220 B
226 B 21ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31068911

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f3aad99750c000cb0f8cb31249aff4bfbc8db3870847a553673b084a68208035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B683 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B683 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3D9 603 B
65 B 205ms
205ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530252&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724403&bpp=13&bdt=102&idt=338&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=1&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1137098266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2722&biw=1600&bih=1200&isw=728&ish=90&ifk=195404085&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068911%2C44766069&oid=2&pvsid=3056241058495095&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ndglbs9yc5cp&btvi=1&fsb=1&dtd=353

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 13358789744459950198
tpc.googlesyndication.com/simgad/ Frame 4ABE 104 KB
104 KB 13ms
13ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13358789744459950198

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7558125ba5b265f6411645f5652b0db3085bb0f81582fff1216a2f1518adcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:13:37 GMT
x-content-type-options: nosniff
age: 7907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106467
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:04:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Aug 2023 10:13:37 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABE 2 KB
2 KB 17ms
17ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 9409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Aug 2022 09:48:35 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABE 295 B
319 B 17ms
17ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 9022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Aug 2022 09:55:02 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220724657&oz_l=328&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK ok
s.gk.123greetings.com/2/2.66.1/945541/ 0
0 32ms
31ms Fetch 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/ok
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame B9A9 46 KB
17 KB 20ms
9ms Document
text/html 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11838
content-encoding: gzip
content-type: text/html
date: Thu, 11 Aug 2022 09:08:10 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: zUF3dKfJ6dAzncK2qxvMgMjWqWg7u4GLMPkdwvkmThYvF5RBGb4zkg==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 35D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1

43 B
905 B

42ms
42ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3A9QEQn_-GAhiY5_KeATAB&v=APEucNXZP9R2yxWs0KHd-YNZxRfb8hQynNbEKsoGDOvb8hgo2j8R3SHEmxoR8-4jO_5dRa_g5kGPJ4svyEqNUAdq5ZdYovhl-xeszyXFksVFJ766GD5P0iwPyZOGzmGhH9HCYA22SowefDQySlXKgwBfpaz7IUNXCgrBsB181s37oJ5tGb_IT-0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f42adcc99a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtpHIb8IHlba4vqsTsieRguvbO6Q8MiL2hig5lV8oqTFlNbXLglYWrOnhPrJ1e%2FHNaRSegBIJfP822i6nDWHOlwKBPr86eL2zZAVE%2BuWuC6UTFBS8EGHVLxmNPQAfx4DQ9dgoL6Mi1s40g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 35D4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvT1NGN4jufFrRNzBtztGQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1

43 B
909 B

23ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3A9QEQn_-GAhiY5_KeATAB&v=APEucNXZP9R2yxWs0KHd-YNZxRfb8hQynNbEKsoGDOvb8hgo2j8R3SHEmxoR8-4jO_5dRa_g5kGPJ4svyEqNUAdq5ZdYovhl-xeszyXFksVFJ766GD5P0iwPyZOGzmGhH9HCYA22SowefDQySlXKgwBfpaz7IUNXCgrBsB181s37oJ5tGb_IT-0
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f42bfeb19a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JxozLtkgF0cODpOTKM7x%2FHfrzMNNrzVFEe3jRNHCFS3ZJ39BFhvdRF40uJ%2FtEviKzAS05Syez9PrJ50eePYzzpDx%2BLBAumjPrr1MpSvjbLwP57D2aKntuqEXEYPxYoaF9xkCm4HojMvcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMGnxlVPcbX4o7kixzA0B8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 35D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI56rVlo93pRt5yLLB3axxI&google_cver=1

43 B
1020 B

34ms
14ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI56rVlo93pRt5yLLB3axxI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL3A9QEQn_-GAhiY5_KeATAB&v=APEucNXZP9R2yxWs0KHd-YNZxRfb8hQynNbEKsoGDOvb8hgo2j8R3SHEmxoR8-4jO_5dRa_g5kGPJ4svyEqNUAdq5ZdYovhl-xeszyXFksVFJ766GD5P0iwPyZOGzmGhH9HCYA22SowefDQySlXKgwBfpaz7IUNXCgrBsB181s37oJ5tGb_IT-0

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:24 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: efb3e7cb-5e4f-488f-8aa7-4d4ae4077b0c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI56rVlo93pRt5yLLB3axxI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35D4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwOTM3MzA1NjUzODI2MzQ5NQ%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwOTM3MzA1NjUzODI2MzQ5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:24 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 418d38d2-c4d3-4b57-8529-68846014eb10
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMwOTM3MzA1NjUzODI2MzQ5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 27A5 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 27A5 26 KB
10 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 05:09:09 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E2B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1

43 B
61 B

35ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E2B2 43 B
304 B 67ms
27ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E2B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1

23 B
172 B

36ms
35ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Aug 2022 12:25:24 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E2B2 23 B
172 B 78ms
30ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNU64x_sPHDtj64uP7QoowcdZyMAu3E_lBu6Idbs6r1Is5XKO4m6vX9Jr5ReC6uwM6iUfhqrst_9-H7CaxgwCjBl9R9WhrLwI41M4kRddQgxF8hbpb1zeeWuAYNNHi9fwmxAoZCqc4563Uu0_jil_YYEt0G8zNsglnC6a1wfRi339YGhR34
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Aug 2022 12:25:24 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 694D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1

43 B
61 B

37ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLK5bfZ7m7NgRpJZIILbrA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 694D 43 B
120 B 69ms
31ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 694D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1

23 B
172 B

30ms
30ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Aug 2022 12:25:24 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESENVb0dZUjhw2WemQ-SZ7_u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 694D 23 B
172 B 84ms
36ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIXUzssBMAE&v=APEucNX9TG66A5sVXp_hzSkwvTtNy7t43vwg5i38BwCgujlVDktKzvccJjCic3I49w1KJczZhS5gYMCbK02g52KYdoLfwsUfstwQT-HR1ccKuESi28rJETVp2JjJYmBL2_8UGVFq0NSt8pjVD0uZwKVbs1L-FCyhTp1ut9mqOA82fwV5o6IxWK4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Aug 2022 12:25:24 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C1AF 170 KB
59 KB 92ms
26ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Origin: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Aug 2022 11:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/ Frame C1AF 8 KB
3 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFgxNWaepRRuTMrZwpctWuIvntBEv2imahvj8HY_tPqIO4rejJZGhFx55kHj4HzISanG7-219-HKCEMWxNSzOPNYcphPQ6apGeoSunw6rvYNm_2CH9KZftv7e3EQpRbN7RnHfYbe5HkExy4BuQt9E_AAJKnA&dbm_d=AKAmf-CIeSY9bnQyH5FB4iCvtT_eU0e8_gXckBqTbhYt2LIqe0dXfnOMUuAqPmxcgsysSTkxedbtZAPbPUvFSoOglseT9RsBkCcooWhhT7-g-mpGmISvij1IU1UN_QW9KJstHh6U6NVQAzj1jxD32moK7C2MQKiL-WTW1KZqg5VOJuse9-FJzfLGSO7UCwR3EMAv6GwYtTqu6nF4sOLOG9wNgx8JhxoxIhmnbeZAnlWC88IR963_dCHjZOCHsMaSo4VxlinMzD15qH6XQNfVBfIbWji2vHuTG1qNTWT1MGD5W8qQ4HDsvvi1LPvxed5PTMkpxMbbmjQkQxVLCGz1J73G7ulYx0x0fUqjTcftaoFsLgQJN3VxZwi7C0C5xEhG0AhhLk_hiMkkUiS0il4IQ3G9pAovipssI-dH6nxKeoKQkqvc5ZODX8wcTeqxdt8QKhsKAuEwefft3UcUdl_IGVn9YLS1I2-XxWZXS2YobKmPj91bhPQeuD6dR8ArWvHKT90J_dHeelkEc_FEWVXqj_2sFfIpxNTwvCfdaxJByc24yPFbodb9k6CcOEhkT0OICS4NJgJ9bgLfGfJ1pgt4g2dlMYlWG3t3KpNkR3y-E7aiilyCxpemGYe4Wp0u-N0PRCb9OxPm-GooC43VbayCXHLAKlQR-lJNoDvVpyT6PLL0RU65VUiNnqfOeQafv4qCrKqzKY-YOoG9lB1dG51bTsTr3sXxPd2r5X2GnHqi4mUOFz8WIXS8hA7d2BB2c6e60ZUqCpCWtFbpA5wdRsge-2VoJNJP07rKcJj1V8BTV8WdSF9tobL-EPHm3K7tpu3rBzTr-1iqOTOgM-_fmAtRtogaPJ7dykW6WST4eJuRJv8xYYL-Iep_6oLF80ovEgjmR3FGwj5HXi4jFe7tot_BW3v8a1kEa-0nJYofSw4RiAMCGYQqFkZiydXLS9Umf95ic1gqGJHLgRe5ICyyRzMGba5rCAfJR5-DavmBOVqtP0rk_2MsLzHouWcbt2C4UWx2deFnq6l2hanxLhkEDiMLkq195SaYatf6S1z1zrQR3jMLehyYiyI1ExC3Bzb9WIbpr0bMnFiW_j9BHlxTzOPIz6OlxlD37qdcBR_i7gmQfqwL5SZExWJTmPE0xeWMC3UJwO3PBAPIuIFLasSgNThUidSGmY4ksSPb_y6oHIE5C1PCYeY3iBHOFmu4lMSDAWBjP7-K_DTFVmW_uHjq4CdGd_vo5TBiLcPtz0bHCeOfkKmLnjxRbL-tKzSg4YnyML2QYl_z5SlFWvyFK-sSItqcz9r_8cScgyJUHsO7d7lbG2fbjPtlolXCi75R5d7iE7GeBjDqwSjhgajV20YKnI_TnOf4LFVZ5T9JiBP1OhxtrApXgvZ3ET6XwATfXKF7d6uOUa9YdhhkjTm9q9UJCG9Rd7dvD3jW2S0augv5ZSgK8YrhTjK46kDkmRUOzG4RCvuvLnAY46m2348FIWRpqrEvYH_woxEkmvsHpcnszZWFpwkdPPU2cLiutEawuB1H73gyzKCt85RdqmufpXGM7W8MTLC6FqRVhwVNlJc8NAB_oO9Db64twj4khVKT-ZbMVPpe6iJUXn9pkUQq3DHcxqow3RUjsEZ-v9JXYEOPMn-7iLwuBVKCZ2ICuoQMbI7lN_XYdLu-vIpayDLjnSkduFT8Z6VZgWOUfjvQpvIomb6Fyaa6vhRmi8oC-4pkbUTvzvsIDYS6RfYfNV8lEVzh5DnNVEduAEyVsO4Fzn7JSph3TRjGn2PuFDurK9tKiC17Z_7NNVXtSXXpNgRLuri0VZ6u0YJB6kyVeSWTOyA3NesRfPgKOWWimSffdCHKSimjinuFdTOxoWo0QnEKmfZwhwa6WYaPw0ddDMdhvid-R1z46wqN8PVIkx93t6BydQSnImtHWP8lhefWQMLgqBPfgUxWOi_azihOEebFXpM81Fjr6cla5TA18q-qlhLfRnoBLgthvV3U_KdOna3FjWwfbrcNnTP1o1IvUmrxQvKbI4AYE8M2oZSZJAeW1AQVfrlpOHpsXhX0kcqr8EGxGwfQvvDaBzXFbmTXd9w1HPSRcEtt7HhMjezM1tPffmXM_sBAAxdEo5e3NzbS3KuKML-oet6p22NcWhLREyqRYVpuqgng5KhzrHP2IrmRjPiOQ-kUjdKuyNLA6x91-Rhitiju2cYDvGKmHm_tQJBwqad3abLO2RSZLU6l-eSeQVpz9T7W481iDZW6AJdgTbYVuz1s1iKr3OvTy0LnXhq-10lGFrHauR8TnrdiyDWFszqKMcH3-oo8GGatOQAm5PAZpogLcsZGUVXY4WvTm8kOEgp3zSf38ZCcRPDvPpx9lBTvf_m_2-3I-vtv6xqhkHzVIukK9gbW6_UUpXs_s4hVrFnIIND2itwzhIQr6GeVePku7EyOQ9WyrhFVCQMZIy9J11wgd9g4thiR0TstB8uRAFJf6ctnHPxPn1nCiVkLUFkh-3fwJjpL-XqOQwHFzLFKiXRy7BYboFmWdjtXS-umterSV1l_MN40PQfic2ihAlWUp1MONvXq5sx7x0TZyWSVnjZuu5IJADPnCkEWPZk3gX9kQ98rfy3A3vynA3mQ5x5zRyzXRJbHWgV75ciFlfNKz7W_OUDuU6rQbfTXtMS7v8_kcExILLW8Rp2w7hxQAc9Q5SXw1csu9nHf6ZTPHoOjbUgKwukoEUUG626OmUQOTs9TLP6nPGI4hlzYP9TTaNM2nGTJi0Rt9Oiuze8Ocrr9W7wcv972NcsThZVkNYAzz_AGMCpIu03g4qkpI8mJx18UbyVY40EeI8blsYlZkFO3DMITJsRFUZkiDeqYUbDHMPw2JShE1gdRULUmMEOQznYKt7iay0v68crS4oBI1Tlq5Wux6PNT4On1b3UhkN6PUEbWrtNB9us_qNU7PwEoqwJbLmu-C2zLCzWuelPu4nxXxpZZK9oMyWEEUDv_DNnGz3ARoF_r8UC3u6opz0P7QwiiNAj18Jcg9-QVNgzRsUlenndLbM0h9z6EyYs-k1674LfjCi3e6Uael7KBlrig_ccKydPFuQmzPFpJEKoadxf8yNMopmcF8w8p4Jgg2TpRyxCrAAzt6BonnUbIHckNfW4ojtWLKhL7SyfUj0-b9j5ilYfPReM7-lE6-q3Ctwtx7JYenDF8XtJWof3LAagAD8A&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:14:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame C1AF 31 KB
12 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a8c4643090bc508a479abca9b19393744e21ab711641ee147c2495dfd3d8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11917
x-xss-protection: 0
server: cafe
etag: 3600686600815956419
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:21:20 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1058643/63502831/ Frame AE4F 234 KB
70 KB 554ms
171ms Script
application/javascript 52.32.39.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1058643/63502831/skeleton.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.39.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-39-185.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b40c49d5412c38f997f71f7e8c9cef5cb90bf5779de7d4c701e85376939d326e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame AE4F 106 KB
37 KB 86ms
31ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Origin: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 16:26:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/ Frame AE4F 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE-sqcWqf4TxoygZlWyct0HKj4OQCYwccYdARKcU2BY-APi3zjWQe9pz7zRpyHO8GFtdtfzWXM-T4fwDbrpNIPrB-cRQ&cry=1&dbm_d=AKAmf-BCij842SlG9R1QaSf08WcK-Vl7UdrFspDacnvS8NTdFhdmMan-RxZVHmlOVDye70sTZizsrEeNKan-SoK4_U0Av-kFx0s06VQBmiTSKQUW8zzkeAK0EHFmg4QUeTi4uReXYd3Go1tX3mNIBrgZuqbvg0yplL8F5moQJas7mYZlisXyrMLmWaqoUxT0HgeECT_xh_GMD0rUTzJmjRAWQC6KpRp6Ma1ksYTZg6AdKLE42cJhZETbrhr1qOG1iJr_qS7w98xJkwNrzDLzGW-wLuiHdIDkJrzeWf36OPFxiM9zWixZWhg8I_9JiL8aZVXrQkcNH0x3R6538NDDrFy0TTjXP6ub_ZhW0SnXtycGRWku26KyE8Z_ifVuOiNKTCzTr6QSL0oQ7-G9PzLc-Yh5w3265ZUFCUadWQiTQdr1b9pxkZsuhuwaz7bRPH-S7mTAMmv3FbQCVz9-SJjtWoJEs4a-ggGCr9GrUbmg5VbGx425dR705jKeMvopNqUT8BxhPc4Y79jLZ96OMZXvIQo8fY9t9uSGyAx37TJAJO3rRYRu_ev-L06ApQjk_pSehrXuWUvGXV-5giVOcDGJSpcVjtJlVQ3Nt04ocAFTteiJnsUdj5cC0q2If4cthd2BUTRlCNFI6Iskx3tYNd-bx9qJDbmbYbFsN-89rn_1SIboOO3Zhl1mcEUx8N9zpCtXXevhjlnzNu4waTazBoxfSxI9KAbuZ65rPvOgHxD9SP8Inebf8HVKoffOChEalQ5hqvrG2igFrGjKepnABZ5umPGJihokHIvvL3_Qt7AegaTpmxLD92pIHUt1AgmjKws9rZiv9AlbW581PdqySqKrU377MNKNEdgFQHRivrEUt6c93J7ex9N-rHHwKEiWHAxPH9GG4YOyfTZ7YJOGS_Q94SsyRai69yoS60ey7PfOYSrkfX41HKhUUqprEEY9Uah76HZti78qFGMmF_HkgVdJH_SfxEyZBofMq2ty-RQrK6H4qjgWfQTtVkU1v537PgoukCbA2AP-fRYwpUlXvzp2IX1X8pwU0Z-ZzFIUajOU18tmSd4uv-gpP9pNLmxENYCilKh2HbF8tQXE1QZMK6GWpShEAPzTOe8KTiF5npuQeKyWSMMlFQJ3Lh6nKNzcV7CDvwOyfPpTKXRzUqWzr0Wxy4edigsEVs_VJwigwPoRAYsWandoyN-5yxt3yuBkQIkPgzQc8Gqvad9_A1vXvwLX3CZR_N1s7Pw3q5Tvp6A2mbSw_xDpoCmRjXoPlxsMa20lEe6jErzHhnTW62UHax02Q_4NDV09lgr9UgN8yAHJjlVoeAuuOmIVGODPu6-4Mb88SBZDLNqEFi3koKXj_dUgXJsY6cg3nHRCb--ElaWPu0MimbZpPB9mzVsh4BwZP4Oe0jVtO1pR_Y7aYWtxNSmoFIvE8_ZA6KnPAnaPxhFdm2PmgcJlodETn9BO1jeti-aMINGcw6BtekD95ZfuWSCQJnA1ZmAVn_1rJRQkt5CDbDVF9f51Epv1xFLrf8ccu_5Fw6yzM5SrdPa7EfT7DIlte2n6mEVcZTSY0YXgUtM7wVvkAaJsneeN8cy7y9_NPOVjwk88SQhWHaP80DBxLvUiMdcXN-y10kufqRSFNxo5rVLhooFeQBMl_ACkTGz1YAqDY3r9--kHJ5st9o0Xl49g-5Yo1x4oGD8HQY4HiLXaasbdLfpJTQdYP-t3rEGAirpIslWL6q4LUZDHs4UFmf5kXZxYCFRnk2QLIqH_Kudj0czuoMA9p5-BqSITjBmYZVOdKU_cqTEsziEqZtlPoZkjCgUl6dxkehPq3oK4-DMDZUkmyrWgiSd0XGjx2eJJNlo1BOQJawhv7NSICwJgqxkBMa-5hY0KJsJ-TH4khaDzEMBO2dOFD19srURTJYyeUzn1MQ__lth0vgB7C31E5k0YEPNMa99AvD89FcnE-fjm3L7NlFcaQWqr-vnDyEOj-qWdpzacJZt7HowNiKzHFj3hrZcqmTqJLyJ2FfyGAxczAbr3WaMHl07Tn92E7jlM_En_tZZ2dgt94hBgih_dj_F5mvmq-lCWe9Wfo8tCuX8VTq7j-YYO_ZFv735BmOFkwa0TqmkRNLPo1jR-LNcy60ZSpF7eP1Mn55nr9Cu7a4n9e3OMf3UmDiQBl7a_T-JsB9SWCx91dmJjl54hCCoN5mmvbU4hSpyzzOj5ma3nqggJTLGxLXFV0JPShfSGMMQtgEhRXcR51tcAfxY7kBWYnFDHjQaxeikx99tL3AnzTBMKIub8fn7SmBECjEO7kKMrI6oT34HNPoFdAYKY72XkAtIHt6CiUujnDDyLHZcoWon2wf3kEHaLeVZG64pOQWbybjYdR1goz1kttSWFxuhwjLeSOaPgwrRVxgj1woDihb2uS5cCW_1PdbkUIQ9370mcGvngU3HJzxBOMrZHGUG_fnNR71wn0TY5miY-LOa6uAv_pi3WsTyNvaE6bfd_1WEtsQPJ2t2Mk28VlT6D4FbpS9SiwW5lqnFO0O8t-TcO1jWm_j3wH2H3STcrzywJ_H9wpuygK9rJGyH7I8xh96uTdXVXM4pFeC71mirkJ89mPjJqyoAPcWRTmw_qONql8MIrEcXQCcnJ_0iHD83ev7A8i6CW-ZGpJBYJVSq7MWJs0zPOkQz5w4752BPF4RqnYHiStLOjO5o1Q7oBAmKXWJZH1kf1fIHPafoB-f6h2a4a4dEguLKn63-nWDwsyEaVBQLtVutQW844NETY1YlNh1XE_9LjPvbDKZmwxScWt5bOWeVdGIwq2ZDUboMqNvO4G2xyiawyY6zHIQHM2JVohbuy1vHAiTJ5YUMG7ecqDL8gyCIQJ78VuFN8dHCC-MhWUNseiRYizVR6v_OG-rHEH2BjoNX0QygTmgexyA61qcYZG46xDoOOcGqwELPZuhNeUV_pjX5hEieiSeuTetCvXvQtmQp6tJjirOA-i9FW_OBw0RPG_Tb5oSlWdra8r4VHha_o2oK_9L-frjafni3FTQWp9QIARytd9U3ho3CFJRwb2XQ6Hs9f9ZrA_RWQK6qgiLAySbSVyvKNhWPn_vOROCPjtpGoPxvEKhS5fk_ZnXE7rNgQOBh3rWPirEuVySWffIODs6Cmq0x8lIgP57XbRqaUDH2K_cYxqPpdXW81WnEx0cykqEPzacSvN_rmcVeCPhoPUsOO9wzcroJqwWbmUDsfT_74-PfhLFmIRklwnTyBTXNUHVt9ZH8cy8lgUnp1RJi6U9uAl-RQU-Wt5__y-7d8dakxgryVA69R5H6N7aCHCpZppIptq1-PxSYN_-su7yJAHxKWDxdUY5k10yEK&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:14:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame AE4F 31 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a8c4643090bc508a479abca9b19393744e21ab711641ee147c2495dfd3d8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11917
x-xss-protection: 0
server: cafe
etag: 3600686600815956419
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:21:20 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1058643/63502831/ Frame 5950 234 KB
70 KB 543ms
172ms Script
application/javascript 52.32.39.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1058643/63502831/skeleton.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.39.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-39-185.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4aff5256b915e992c1b2d3a70e5feeb7e3d1af2948d731b27b5a35afc40f6c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5950 106 KB
37 KB 86ms
43ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Origin: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 16:26:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/ Frame 5950 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7lXodk5lgvd2o4JPrX2e0IHM0Tg4HHorGwVv86ApU-h9K1n3Pb4uMb2to9-_zjq_3kEMI34Z2GZXhiV9yOMLAIawJgw&cry=1&dbm_d=AKAmf-B3_5Mv9i3nxyW1MRcmRq8GGZl2LSu4sQQy8W22dd1XDhaZcuaWKscZk_2TpkgBFR3cXaStXgMFUcxe0ga-WKhD92HuCCpL1FfZ-T2gAmZMWvjMQvIaRbx0saDW9oDEbCxi-02IbE69euoEoZiEoqHGhisF4lPSURTZxyGDI0Nap_E_dBhZMiFUr50c59RmjdOtznS9Dp1lOInUzcTuBCz5SVm0xt0CXaQcOWTw-EvxxAeex2ezGE4eLLUw8ooNybsaG1eBmA0TP3ut9jjFlq6gNLQ1Y5vG6WRaINK7PzglIvp3O0TfXet6rV_Bt-PhUPv5KGEC36viokLW9hinbjokMkGud4e1VTZq1KjIEETU7NwbuPFmM9PeYWFkQ237nlAB28tAtnEYHl9CHwMRcDOO7ZAEYB-z6RmxosPS-aUyBUKrP0Hjis0sbK1hlnKgVXeqvcxqfw9656h7LKVQGK6T3k__QkG_ft1Bd6Vnh38VsX4xZ8I7QfW8VQAOKJ_fY7xRFHp85syPZKGvGkIEP-fDfpYEdLonfH4zNq-MLr-ISjUGYSyTRbeuxVYQKSNNcwJNx2-m5y3GDi2RZGCJgV8sAdw4my92HODkvbDWaXkxviiF3DCHYfU2n3t6k-V4FStYgyp7gfs-wBNv7Psq06AXv_uLCIFogfUXzoUVW9XJMV8fgQEtY9h7rh4rk_zp2_9JvpQbWu9Hq2cVxiFMSFlBLujppdAO_CA-YknXSZRe0W6Zv9i84MKjXimFCLhe0IcC5Qoz9oqyq2dHB985OUz8P3DOBVt1zpqzImbihLOCd3znBZzdT8Le2qNs9Hfr74g9S0hEGnN92JD87v78YSNthtDX6d8x67SpWgLtcRyyiaX3ro_jF8EH037Jh41mEY6MBRwEEJPCRaaU7tg37vtMKBHsBOls2aSj6LiwavofWGiLbl_SBQ0v6sYLfHffTspdirxTOvyQlxe5qQ2SqZ5ts4LW6AUhI39wo-09Yyx8DLcZTd01qKMu2VACU2g5Hs9Vs7EioaNE1AkesUh2ELNwYUcdyE-slbWsO64E7Vt8FpdFa7lhp-iQh4vINJ0IOS6t1B4vxmMiCbdidAqfgAtehmUzIrQdtpPZuVKjUmKGdH_hvMpHklg0GWPZFTEeqQOY19uAqkm5TS9H4s4IiuWHDf-IFm_LXMdGSnbqi9N3l7RuSpTykGh43uwFrBZdJRXJ1Bp7nzcfmEutCOm_FnS3FJRUf8e8kw1sxHy2dPHGv01iw8N0V8onwdhBhxMs_86JJKKUKLGckECkr0fjP2kaKEC89PqNXJ4Olujj8URGsvNv_pGe0a8Rp0QiBuzG0fpCowU9hyINCgtW251P1SibBi0qcaEeUtBjokzFrsGEDJFik-hGPcOiZmqrZEK0Z5_mCMvxJBuMSzkM974QaSUB1w2Bi1sJ7s8RMn5RNX5Co_Zl9eCGwVKOWW78S3mDWVyN9RKYTE2I-CZzxv6WmTwY3W904WQ--W93-p_7IM3748xitVZ_qypC2luFGqSw5p7QvmpamQ4HNlqHL2hrjRNiIZnPQ66MOQAFkDNCS6w0rzHGvKm5nI0ExX12nbZ6KFa8DwnT4QBTybAyuLQqyRMXIQ8e1RY5XcB8vyqoSMrX4YzZ5SqKrv9SUtdUM2IcwrhQ2uFn3OwtD0rqq4MjEn2McpZwqgQem2aw6HJRNlIk1jPz4xXbzq4KH-pw-qSfMvmOTnoo-CjS47BCs8IflmrA8kzJ_aVQhaN_XyoJpcEEqrgRrH7l9o1i38-kNTXuoVQXa6EeNzpCQia6hhou1bvuhXUiLpSOuyGuJdeZ3iaFgds3kPc0_JkQIfusduxIbQOf1mTloy9Qq9BIqUNfpJ0J_u_Sk5T-BR-605fCS4SQ35xqOi6BkbN0wIxrbeW-ozUQGz8eOgmiOmRcEghZQoOhwi21wf6okrbGRVjMmKGjnq-NWzAzQErm9HYFgTyzzVm-Vtb_TCKxABcng6mGIWIFw0WGxJ2VYMXVTjAN6szxHSqPi9iVyBYVe4YEJo81zcjYqZplPhNAuIMvq6Wr59cOyULzUxFiwIux1hLd05fSvqLzgPwzRxHWUacKEommtQwrE8JZ4dX8sOXIZt1UzPYj1X1SpDM7RTL-XLJPJcyqAXGjxVPVoc2r1FuXLeAQzsn47T9BCAA19IvDSvqIr4vurGsjP5RRR83UAEmfMPPVApxSePL-rz7K1N0PxUo9dMzR4s9msR8fcwkBToQd0V7XNEklOLqNfk_3WwVj8ARahBrc2zqdtyzXMJar7JQwmv1gICXhFJnZ5BAEixzcCwd7-Trd6pQPLn4o6l8gDSqba0SxlKVkTb-BznfHsrH4HI0yl8I7_cLLClzkG4BV0eubNFusXVlAHC51zdJKF2Wd3p7cuEP4rydZCOVF4zZBmExODVfszFJzXrXr7DSH8iLKjG-SqY4EDmUaNfpq62hY_FhXUsQMcdCNbnrpuYyJcySx9eIhTxU-aJFEz6W0zPGNVwgDWcTeNegepnxLESm_o-TUXFDs0PiccChqhAaOGSbaM7DqmuwSwyUH3KUhxO5wUjX_xnYENC2I4uXqYzq6DIx3G-xJxceeFKlWrIvMgYpJxaGSqc3-WT4VwcNXnFQfGyAXs5a--dAbmsyYlRaRIUIEDSq5QqQBp2S7W0Z6z6Cwl0B5Bpa0VMXSUPbFmD-Hx55iU4bC7mHICx7KDCY0GDXC7PCpzhCBfu8SSPgS6fgxw-RcSMmtc7H4Du-yId3MY8xJLEmZ9TJyI__d2uG6o025vzQYUUdyOLKLAcuDQFFDzClST2i9s-qdrDSUxK61iattjjvYEGRZPKy218I1SsYar1TNvf1rJJgOodjdoHBvY1KbXLU6GbQdZFDmohurCcTpfLEXLRIcyK92A1FNPlmo6udmDfz598B9R6JYZvzuNII-QIYjWi4-g0_2Q6E6KUFXBkBfSpJlA5e_S1GhKThl2unawMyLvIXrY-Kvsf4F8yFS2jpb4SGXCgacSvh1uXk5-f6GZYL6gFg8aBLebTOmG6HrbeJ8ztu2VQ_B7sGZue2piSeQnY0flmBMb0D52c1NLathYxPmWL6nchNKuqDJ_UDIuCSBBewDVXGn6lEPuOgQsZy1TbTK1OdbEE8af5_t870PNlGyhC6xIMbzItC4l2iYM63GnD8nQ5Kez_OrU6QA4wj7PY_mmbJiSbOxt15AqKUP8eiBpgpNXGq8Ca6CEaRNpjhePBdbbDN9vdeKQcEM2Bb1A9WDAXmCVkbE3U1xpXXQPmDXkYy4YvN1SWxPhKZNP1MFSbiiMDDXZJEiHLqb&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:14:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame 5950 31 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a8c4643090bc508a479abca9b19393744e21ab711641ee147c2495dfd3d8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11917
x-xss-protection: 0
server: cafe
etag: 3600686600815956419
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:21:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86B2 143 B
163 B 20ms
19ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 11:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 5E68 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E68 140 KB
43 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:24 GMT

GET
H/1.1 200
OK ok
s.gk.123greetings.com/2/2.66.1/945541/ 0
0 31ms
30ms Fetch 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/ok
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220724893&oz_l=4014&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 5A0D 387 KB
110 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvCZwRGdTjbQjZ3NA15qBf6D_dlN5UXmXTEAzGyHSfceexCt3zYl9yrCMI65HCk9tvYolkfDxCyRPMvOPdYkLDBLQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111956
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "903f07ee74bf08435b31bae7c312f6d2"
vary: Accept-Encoding
x-goog-hash: crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation: 1659879239099576
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111956
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 851A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=3363491782769356&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 210ms
147ms Preflight 2600:9000:2057:e600:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 11 Aug 2022 12:25:25 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: ES27J-2SngYgdtvx0eeIiHAsyTE0EBAIkl8DJBAQ2sOmki9CyqY_Uw==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame B9A9 183 B
936 B 149ms
149ms XHR
application/json 2600:9000:2057:e600:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4910f09396f1d69b6c6e8cae9725987d1a546935b33b8176f251956991226fa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA6-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 183
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Thu, 11 Aug 2022 12:25:25 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: PrR3An-3kIphG9Fr0i4fyT8v1XAVLXVCO_gpmn-xrJbieP3I-_tkiQ==

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame A0EF 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8567633850215880225/ Frame CA95 131 KB
36 KB 57ms
27ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d3947cda9018d61f94dee7905e3de869292ad8d1039606303c8d4d64a50178d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:25 GMT
expires: Fri, 11 Aug 2023 12:25:25 GMT
last-modified: Wed, 05 May 2021 19:01:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1AF 0
622 B 124ms
62ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudT_eku-gR0Z1CtYHUHQdxm0ubekfSIXST8K1otY6uanOPmUvUyKR6jGUrgrp6BzZDipc3IkK_qlfJ7Mid64m2FUMD1uhi42paE-9l4TxZvaKgdbr-yawlK0jy_vjDksddW2DVA2vGC2F-cL0m-Crqp2iDz4IpH88N-IiyraTYGUoGZejTP_Z7RjlTI4fA0to_GlSU87tizY7AF3T6ZWJrPLaMuNTuZaqjxxYFyDBiMX3imL0YhvKVTVXQofnaMSC4vsFMty6HBInIzH-vapd47zXA8udtV-27feMnfDoamG4z-ZvPXqaSNgJpk5pZGGk_Zkt66VfwGVChchKVfBhgPCq4E0vKy9CrqKZE7zpRF6PjK8kbBkVBkhwmAurkWp3HCm9yyIvqa6Ne5lzGLM_o8RedNH0UYqLeh_fEwVffX_aEyz0Iyen_hCXxnwXTDoUC5RTQhvbYuPqD7I0z3G99ANq-wdQKo1ThoE8EPpzp2GfugjSnkzqSMkLyD-Mboguv1JBQgh2oK7IjlByQyU6pxBN-UR17hbgRYZiC2s-duso9XJhVb27svW2hxRHA4nhu9zSMoDISDIAlVhNEPV9mLtAXhhez6FvMiPyq_Mkm6tLr1M7_PnOSv0cO2UBGTsDKsm046NLfNSaixmS56mmyy_2Dmzj5NMDg272eufoqs7D5jeBQpNyRgjZNwOck17_yEe6PBwc6sdIUvAsDnts5HliDepiYofrMSOu3zk5HP9IBF5DcqsjxUN_fVryF266XiwYSyQJcOGhLWJNBj3MCwmxuABtwN53AR_vZWImSUv3UjrXoc2ERApyG2IGlnTiRmxRQeJ2gPGgUmV1-k6l_Rm4uUaS1gn9KMdR9GugbU98tMplRCkA2rhKcwLdZCzyitYbzjPq2o66ZlF4eDff0RjPDck_zyyMPUVHyyneknyYMKyBzdBwvFP5PXpokCq2mVcHNYpmmHcmhUPcpuJDb0i6cpdmbJ5a6mIwcob6ikqF4nCYSYYimNS3o7Ec-KgmU5nHwIJ1XgukuJjtMIYmqq1LOPZn4HzrTSPs9UyeseN7KDerzNtXdYkZl9VRQllddzQJtq5k07CmUYgcgiLtOhhVCIf9Q-D7zpLWnq4PeLL-nHIS_E4fUeiIhV2g0s48RulzM_R4erLaWsOtaPvVKx9Sc0a784XXqPQAUalYAatGaetsCL5JzX4N36NrTfDoXA5iYMueb53PhuRjGfD_joHkCA-P62rmb6Ow8k0cwK9jA-GZlf10&sai=AMfl-YSUSbll8v3sA72kKJlvmEEjHPgkv1ex1EphA3FaNbvBedEwtxfEyRpWace851vmrvC49eFPhd3eO5nCKzYlIEbR0kliLJoglN9HSl-jpFA9K3GefWU19Ox60xkLt9ICr5x2RQyMvWGr4MrsNut5SnxbJTV7xdiAv5OE961a2aXBrTepU0GiN6qTTsS-1pFG9iZI_uIAJkf3KOCieEeFuGneM7juGah85bhcSkT-IPlUML9DflkDC0p_0QXWs7T_4GU&sig=Cg0ArKJSzIl7nDpo-fAJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=229&cisv=r20220809.60383&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13127382153671314628/ Frame 23FF 6 KB
2 KB 25ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1fd4a7b5aa78e41c8557fd0e17753aa29e7a5848d20b193e8e1c986e0e20eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 277390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2132
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 07:22:15 GMT
expires: Tue, 08 Aug 2023 07:22:15 GMT
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5950 0
64 B 111ms
63ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRku5f71Fhtm9T4wuiq2hib_7wYdbHWmwIoVrsMAnJ74wTdPnQE8PlRv2yZOfRwF2rGqhoB0s8urAflFbwvuara6P8sJ-qqrIjQTYaBoZXQ_S5w7gJ2MDgIE8lhMEcPOV6PzqaUdwkhbsI521UIL4rWvaSgzivUWkblVICiE1NyxcWPQPP8PYeiAG4R1Mp5wEDLcxGpmJwqA0rEJxX-uSgtSPYsEWUDiDCn68P1X3pssw8LaIz7GTPaJXzlTY_t9sSVSz_CoW3OqdNRONaTJ25mE7cxqG5E2iJSjeanPavUYMvPFinXzw6eX6yTwUvDtx8uqSTYyw6tTKcNhoW0odSwKIyb0yPE40hU4RE-FT71nrsYZQ6C59a3pzXfh0gYRefxZR0fuRbI90f1WGKAvaOTemrFBO_J8FPLArObP1tNXhnWUuhxgvlVBrY3s83he94obJQn2mYgn7khyzAFGuKu6hsDNuopSClkuWbYD3Suz9szIFukU99JhMPRB56nqXzuyEQIPjsJ4ajGsGQTNH9MZD6Pn68cQp1-0s4F2x0JmVruv2Rd0lmALPg_Rgm9kbR8xkHYTCryjJrSIQ3uZCvbHFkIIOyYzcfMrZPHaOidtTwOiRHFRS4r-Y3Yrk4Vn9VPVDam6rxjNhAH-_U7JoSFpgh7rJseZ4OJ8kpz441Gj8n6psqBBupNxp1mbFFW0t6f9d25r_FgTqjUKNmMgqTVuwhHbP5mZAlW8jGgnwfRrZcHFxFPIYuqPurdH2QHP617qTh_mlEIo3ZVV9V8vxWGg2tsJLPZ3vV0FqZxCofzHWmzLUXZ-BurRFRFSrLSRsomxVWkGBFPyz7lBbZxnZ0DH3GVOtD1vbrW14az6yh25STwBTqdE5F_POZoJBhSI74lE140v53KDPJiRrFZpKkFPp7KFLVX5i4tIE_wgzewVZLeLFe3WW7x7Zal1j-8z3qFC_q-GXLZoZuT_iz_wVYljw1TCE8yXdNvI49yo7_mS_gVFe8Dw6sU1UjQZmfRT42jJl94PESEYsUnwLjZIrQsDOxKwZhFz9s1lfLGykHzwrcqkrDALTv1liZWTcdyZrimYXp80t2N8sszTzjfrBOu4HdpSP97QB-iOO9ad1iNkxucpFKILB213VRzmWeYK6-DMh3IH1Jf-H_Y6Ts6ypNMMJXCDcGEQPFG0sT5qwmiJFGen6uGRmXCE2XrXLd4XZ68KJ0vXl7GvgrccBQbsPTZehV&sai=AMfl-YRSC_R2we689dcSJA6lDFLc6z5mJdxHjqI5VVuHZVlrOn4nRRyWW3HjsZmYGNp0SvfylIU23gAlSMPdFrVSbSxev3k_mD15WjqzO4EQXsMVGOysiUWwxxiYQn9fmCEozyLv3hc9aHnatopDtRsxBXAhrCn9I_CsD-L5_YxWWSq7P7Xcs15UYT62iRdxX_V2MJDfOfyQIh-8tXf-zgIvRkWjib8nDycQ2XnPAN1Uiac&sig=Cg0ArKJSzJFfbb5v4pt8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&cbvp=1&cstd=224&cisv=r20220809.40455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C1AF 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
DATA 200
OK truncated
/ Frame C1AF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f09ff6c7ffceeb5e3fb30c1ac915ff21f7777edd70225fa038b039d32c339c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AE4F 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5950 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13127382153671314628/ Frame 8C65 6 KB
2 KB 14ms
14ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1fd4a7b5aa78e41c8557fd0e17753aa29e7a5848d20b193e8e1c986e0e20eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 277390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2132
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 07:22:15 GMT
expires: Tue, 08 Aug 2023 07:22:15 GMT
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE4F 0
27 B 88ms
59ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN645SzDv7Kdfzxcbv_iZfnCEH8brVerOCyMGBQT087iIqGLVXY2OE5nnEBiOHRL-PLimCBbDQk1qXaPML_Mp2Q245-5wC5l9hKkwyucDa0xyEq5b2GUo93A8jd6r6g06ez_RRxU9jWK_x1Laaec-fHUUeT667I1mvnL-gHimPj_9CQmakR8MJUWpAOLPaXW3CYSnCZX4UneGJYPIMiqM_6iBWfg4PHZr3AyhY1cbG6w3NVPnTw9wpIQxDLGSeWd3g68ypEr1vJgmzwoh1CfR9Arz6X_CZy0WCax-MWeAJK9H9-stjRghqly3jmuOgy1Ua_Su3G5trz9dtKbN_VcAr_PxtDp3SzmCrhYqFZnC18vs-vHWaNaGlKhhkEpLT4qzrf0yYsK4-1VxGi8XHfHEtctPHVCxsjPEevvBHMtTXgULQXsEK8DhXP3__J1yAqxfKVeMAJ9WLV7Hid8lkBUs56izu3YYMNYb2WU3OUR4efL2g1MMcoW8i76FJTRazgA5BliLjG4d25mKxiS5WadldNAPeMSed5jlDykOKxyLFKPPkaCeF13Hrh4EqGm_9Yv0SOSL37MCEjn-dTjB6eEYLh046cWm60eDx80O6IzaEWsb-KCVliOfjkIAoPa0ygyWW8yPCvKAg7KV3dMleqmlB3u7hm74MqMCwfCb_RuKgKum5ERqxoCElKe19a2sUrED0fIkP0DGubIxBlJObnP4V3yzBl1Q--LPjdYs09Rbide5TgXi9US5K8eUYirgDmIDdzXsgSkj7a5zYtccQPBz2ER6XAanyLlKOsjayx7hyjZnug6x5sjLjtB5KfkDryUPMQIUj7Hn7WOpcEeNRQnq5ogqSfd-sZay5Ab-9swk5RlJ8x6bJSMBMI_e6uweZD5aLps2_bA0LBE2E7sz8do0uDfngIPDwA9vg4WkX0gN4YfitSC_tNgSBvyYx-kzX8CAytS809vE4_LjM0jsAd2i2djKypOEzOZ7uZi6XQthrPr_Yy6Cwblhu3XEOBIR8jbKEjr_xU1CJ-311tDOVdgTT4lRgmp-02U3xChzMviwC_wik3mzt0eWJVX1BXPZRdJUb8K38QLfGBCXrDVT9uJXiNM8Lgq6ygEQc3KjAQ6czTu5l5wHB6Z77pXwvatcEqUvVcUG7bDhfQfiEN_n7ZA3Ah2MZw8p4ZKHlMnQtk9hZbxsOcmHHTwLsuqJgKh15zV-WprAtFth2KTWVzL1rBDu-byX-&sai=AMfl-YRpRiFVEOsvl9aMCai-Iff-FIRQSQA5b2Sh3my-wuq-V54Vg2K5fxQ-AhvS9Q-K9nKBG_bG0Srk6YKD9Opgy1smaS9K8fRpq2X4xgHdSKm-Cd24Knvn-48UNtNIeMcgm1tJPq7QNzEZtKBPwCtN-0NbicsbNrkItFSEEwfslm0g2ImfSgoXHtr9z6g0nCUHc-uUi6-Dqbaboy6eGX9083yGfYdRXo6W2h0P16fQBFE&sig=Cg0ArKJSzCJHvnRxa42yEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=354&cbvp=1&cstd=352&cisv=r20220809.74601&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame 5E68 18 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
DATA 200
OK truncated
/ Frame 5950 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68a1b8fdc4ccc7d873c1cebb0e88ccb1743551cc0c3b4377d30df1ae9ca4e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AE4F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 244ee144885993515408a2f2101b8ec44dc88ce521740f627692c385e20baee5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

38ms
37ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 12:25:25 GMT
expires: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
95ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=835eea5d-0168-448d-8df8-305f24a0407a&rando=44&pid=611eda6c0903a33c051dbc64&cid=611edd025340b7439c55794f&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&e=inventory&vi=100&cb=1660220725225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE07 0
0 50ms
50ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-8SXhgTc9o1-UMMg2M5jY9dKTmOQbi0XU678XBqikQU77YsZKHvaE9jyHdjKWtrHBDbze5ta3f91frIgSj3bYwNZXor28EWiZH2BbrZfSoGGe9isOw8HfltmuQ9Zvyj6CrQhHmGWHelk3fKFx-cAGDHsAolO8Rmj9riTXnoclvEPN-EvwolA2YA3kMEW_e67ATif2N1jKLZMKqAXXMc4Njo0i1F5UHzWU6X4bZUoXWIPkPaZXVLz87ukggjA_xd4hxvL2CfCvO9GGZY76bpI_beXsLOniFrShT_mhz4-P0OAdqg1YM8VTExBDzOQqarAu71RrsY1qadbc2SxLRlnJEEjQ6ArEgAK9NA&sai=AMfl-YQ--O236GKiHkNxdFTicWRlHhvUu2FM92P3RflCTvP9MjbTzl41YI9w1rQksRYUk-Vm4mUyQ-6BH_nN_eC-6kc-pNGSRiJFbK39kWhJULtS&sig=Cg0ArKJSzGyCvpoWte5BEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 23FF 236 KB
63 KB 160ms
16ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:40:25 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13127382153671314628/ Frame 23FF 62 KB
16 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee95d7939be6fe4b021522fc3736a8fc0304ce0a0951c35cdf7493c5f7890a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame CA95 110 KB
38 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Aug 2022 16:04:34 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame CA95 87 KB
31 KB 146ms
14ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 14:11:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B683 0
0 52ms
52ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbLD1nMTcvHYQ-aBPwMWShSbbZEjkGezTZ_F-07maKYI-P2vDb8ehZCyPugpb_OY5Jkze5SuROBluAt5tydlb0xn1dKZETwOqxbfDYxnGbjqAxIrVVyOAL7eDY_jH_He3GgIdh0IBh0XP6ju0VHimBblUZovYXH-EHD3pYJLWY3w8Sg-gmL9fseiFyB6ryGzhSYBB8Ui20YmkTNYCRxCAE8iQ9L4KHSgdB5J2FL0PGO_iFXv5Q1fk0URpjUFB3hkGbg2lVrb-tRfRt24cuqV7QQ0K_8IghdeFsI9HBnNl7QrAEeW9JizHCK2iOzctno83ex_sJPlGrNQAMeQsfMQSB_IGZszH8ij-sXQ&sai=AMfl-YRb0YpkzANXXnqrRLxzsBGV-di3D52IsHiInnSS3TzDvEK9_Tx4be_pRtwcrubn3j2aBksVwDepZpT5YHRxLp3107jan0cxkVhuYb2ck4GJ&sig=Cg0ArKJSzBTXwZLk120YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B683 14 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e48d8c8d68b0d385f02e56669e65cfa52a0275aff7a4c33cd4a7c63c5182cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11252
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 31 KB
5 KB 451ms
130ms XHR
application/json 3.224.43.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=611edd82ba4f701d4d14c7dc&AV_PUBLISHERID=611eda6c0903a33c051dbc64&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&AV_CHANNELID=611edd025340b7439c55794f&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=611edd82ba4f701d4d14c7dc&AV_TEMPLATE=611eddbb0ab5df1de52e23a1&d36=6.2.41&responsive=1&sver=2&avtoken=725224&omv=1.0.1&clsid=835eea5d-0168-448d-8df8-305f24a0407a&rando=44&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1660220725308
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.43.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-43-174.compute-1.amazonaws.com
Software: /
Resource Hash: 33207345cd83120dd0383018867718a80efe05ac733f63b9620869b8576c03b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 30 Jul 2022 22:38:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 5 KB
2 KB 15ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e4154a94be3d0c84dad8123bce099da9ab83cdf6b482c2fe9208176682e20ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 261832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1962
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 11:41:33 GMT
expires: Tue, 08 Aug 2023 11:41:33 GMT
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/ Frame BFBD 24 KB
10 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
server: cafe
etag: 6346700346671359222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:19:09 GMT

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame 27A5 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 11:29:15 GMT

GET
H3 200 300-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/ Frame 27A5 10 KB
10 KB 15ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/300-1.png

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66adf84f211a98031ffe507228d09384130c2109aaf86fb981fb8515dc0f330c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 318108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10166
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 05:51:13 GMT
server: sffe
date: Sun, 07 Aug 2022 20:03:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 20:03:37 GMT

GET
H3 200 300-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/ Frame 27A5 10 KB
10 KB 16ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/300-2.png

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d082d5e10b0651f7d5615499190306f7f4246e275cbe4eecdf81ec6d49c797f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 318108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9883
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 05:51:13 GMT
server: sffe
date: Sun, 07 Aug 2022 20:03:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 20:03:37 GMT

GET
H3 200 300-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/ Frame 27A5 8 KB
8 KB 16ms
16ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11436176916142585012/300-3.png

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74bbc30a37f0d2dbec7a1977236d447fb25e932fd7001e131010cd522540625b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 318108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8301
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 05:51:13 GMT
server: sffe
date: Sun, 07 Aug 2022 20:03:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 20:03:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9461 22 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 590360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220725289&oz_l=6367&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8591 22 KB
8 KB 17ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 590360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 50DF 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 590360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E68 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c8d1c35332c3cfc08e0cf7e780a4761eece6091967e78fd9adfb8559675840c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 8C65 236 KB
63 KB 23ms
20ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:40:25 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13127382153671314628/ Frame 8C65 62 KB
16 KB 21ms
19ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee95d7939be6fe4b021522fc3736a8fc0304ce0a0951c35cdf7493c5f7890a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B683 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame 2360 107 KB
34 KB 8ms
8ms Script
application/javascript 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 00:23:56 GMT
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 08:12:47 GMT
server: AmazonS3
age: 43290
etag: W/"7b1a9ceb08392f5edf168e210f7c817e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: didC83MWSuYurzeVIhg5pBeYWJm75PAmdI0GkuVgLUcDbFPc1usXIw==

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC42 143 B
163 B 14ms
13ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 11:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame BFBD 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:18:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/ Frame BFBD 18 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0
server: cafe
etag: 15631871522064371328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 12:15:06 GMT

GET
H3 200 lineto-circular-pro-book.woff2
s0.2mdn.net/sadbundle/8567633850215880225/ Frame CA95 59 KB
59 KB 17ms
17ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8567633850215880225/lineto-circular-pro-book.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 10:59:13 GMT
x-content-type-options: nosniff
age: 523572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60088
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:01:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Aug 2023 10:59:13 GMT

GET
H3 200 lineto-circular-pro-bold.woff2
s0.2mdn.net/sadbundle/8567633850215880225/ Frame CA95 66 KB
66 KB 22ms
22ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8567633850215880225/lineto-circular-pro-bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 10:59:13 GMT
x-content-type-options: nosniff
age: 523572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67852
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:01:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Aug 2023 10:59:13 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DD01 9 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Aug 2022 13:42:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DD01 26 KB
10 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 05:09:09 GMT

GET
H3 200 img.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 53 KB
53 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/img.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

785625865a3ef35af76cba3f15ef1895925cff6e282d9aec1f20d8482efe30fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54245
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 2 KB
880 B 17ms
17ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/cta.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23dc04ce283fb7ab656d112b55f2d8d9d3f37eb8698e1defefc95c4ece328dd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 842
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H3 200 Headline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 12 KB
4 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/Headline.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a3b8b5069b05e8fc4cf48a7e8ad1c40ba9d11626dc32b0451d6ea0b09d850

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4380
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H3 200 Txt.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 28 KB
9 KB 19ms
19ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/Txt.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4232d7975ca4fc1e6188befb8d99540d345e4b1dce5eb4b418bf4e49d4ceb65

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9050
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 3 KB
2 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b69ba0757b1def6071366796fc763cc84df9c7c3f0a862f2fca906792c54b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1510
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H3 200 ES52.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ Frame DD01 10 KB
4 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/ES52.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16812334555823494425/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ca1dc49d5322b47dc3f27b0013377031a7e39c52cc23c05edea489b39e4588

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 262057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4007
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 11:21:10 GMT
server: sffe
date: Mon, 08 Aug 2022 11:37:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:37:48 GMT

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 107 KB
34 KB 13ms
12ms Script
application/javascript 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 00:23:56 GMT
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 08:12:47 GMT
server: AmazonS3
age: 43290
etag: W/"7b1a9ceb08392f5edf168e210f7c817e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: KPD2BTsfhARHs9CaBF8t2HbDJLPyhRGv-IkuZGvvYdYNoT4lvNuXUA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A0EF 0
12 B 15ms
15ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tm6KGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 /
events1.avantisvideo.com/ Frame 2360 0
34 B 172ms
172ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT

POST
H2 204 /
events1.avantisvideo.com/ Frame 2360 0
34 B 172ms
171ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6BBF 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:08:27 GMT
expires: Fri, 11 Aug 2023 12:08:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 258F 783 B
534 B 28ms
27ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98adeebe61c6d760fb95ac163b8b41446775d976ae6b2f9b80177db16f5927c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j0vj0t72ZLsAegQ122potg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-j0vj0t72ZLsAegQ122potg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:25 GMT
expires: Thu, 11 Aug 2022 12:25:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bg_day.jpg
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 23FF 35 KB
35 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/bg_day.jpg

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75008e33e394f2cc922d017e94cebdb81a5389dcfa4b808cce8ce778f0fed846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36189
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5950 0
26 B 56ms
56ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRku5f71Fhtm9T4wuiq2hib_7wYdbHWmwIoVrsMAnJ74wTdPnQE8PlRv2yZOfRwF2rGqhoB0s8urAflFbwvuara6P8sJ-qqrIjQTYaBoZXQ_S5w7gJ2MDgIE8lhMEcPOV6PzqaUdwkhbsI521UIL4rWvaSgzivUWkblVICiE1NyxcWPQPP8PYeiAG4R1Mp5wEDLcxGpmJwqA0rEJxX-uSgtSPYsEWUDiDCn68P1X3pssw8LaIz7GTPaJXzlTY_t9sSVSz_CoW3OqdNRONaTJ25mE7cxqG5E2iJSjeanPavUYMvPFinXzw6eX6yTwUvDtx8uqSTYyw6tTKcNhoW0odSwKIyb0yPE40hU4RE-FT71nrsYZQ6C59a3pzXfh0gYRefxZR0fuRbI90f1WGKAvaOTemrFBO_J8FPLArObP1tNXhnWUuhxgvlVBrY3s83he94obJQn2mYgn7khyzAFGuKu6hsDNuopSClkuWbYD3Suz9szIFukU99JhMPRB56nqXzuyEQIPjsJ4ajGsGQTNH9MZD6Pn68cQp1-0s4F2x0JmVruv2Rd0lmALPg_Rgm9kbR8xkHYTCryjJrSIQ3uZCvbHFkIIOyYzcfMrZPHaOidtTwOiRHFRS4r-Y3Yrk4Vn9VPVDam6rxjNhAH-_U7JoSFpgh7rJseZ4OJ8kpz441Gj8n6psqBBupNxp1mbFFW0t6f9d25r_FgTqjUKNmMgqTVuwhHbP5mZAlW8jGgnwfRrZcHFxFPIYuqPurdH2QHP617qTh_mlEIo3ZVV9V8vxWGg2tsJLPZ3vV0FqZxCofzHWmzLUXZ-BurRFRFSrLSRsomxVWkGBFPyz7lBbZxnZ0DH3GVOtD1vbrW14az6yh25STwBTqdE5F_POZoJBhSI74lE140v53KDPJiRrFZpKkFPp7KFLVX5i4tIE_wgzewVZLeLFe3WW7x7Zal1j-8z3qFC_q-GXLZoZuT_iz_wVYljw1TCE8yXdNvI49yo7_mS_gVFe8Dw6sU1UjQZmfRT42jJl94PESEYsUnwLjZIrQsDOxKwZhFz9s1lfLGykHzwrcqkrDALTv1liZWTcdyZrimYXp80t2N8sszTzjfrBOu4HdpSP97QB-iOO9ad1iNkxucpFKILB213VRzmWeYK6-DMh3IH1Jf-H_Y6Ts6ypNMMJXCDcGEQPFG0sT5qwmiJFGen6uGRmXCE2XrXLd4XZ68KJ0vXl7GvgrccBQbsPTZehV&sai=AMfl-YRSC_R2we689dcSJA6lDFLc6z5mJdxHjqI5VVuHZVlrOn4nRRyWW3HjsZmYGNp0SvfylIU23gAlSMPdFrVSbSxev3k_mD15WjqzO4EQXsMVGOysiUWwxxiYQn9fmCEozyLv3hc9aHnatopDtRsxBXAhrCn9I_CsD-L5_YxWWSq7P7Xcs15UYT62iRdxX_V2MJDfOfyQIh-8tXf-zgIvRkWjib8nDycQ2XnPAN1Uiac&sig=Cg0ArKJSzJFfbb5v4pt8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=783&vt=11&dtpt=555&dett=3&cstd=224&cisv=r20220809.40455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1AF 0
26 B 54ms
53ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudT_eku-gR0Z1CtYHUHQdxm0ubekfSIXST8K1otY6uanOPmUvUyKR6jGUrgrp6BzZDipc3IkK_qlfJ7Mid64m2FUMD1uhi42paE-9l4TxZvaKgdbr-yawlK0jy_vjDksddW2DVA2vGC2F-cL0m-Crqp2iDz4IpH88N-IiyraTYGUoGZejTP_Z7RjlTI4fA0to_GlSU87tizY7AF3T6ZWJrPLaMuNTuZaqjxxYFyDBiMX3imL0YhvKVTVXQofnaMSC4vsFMty6HBInIzH-vapd47zXA8udtV-27feMnfDoamG4z-ZvPXqaSNgJpk5pZGGk_Zkt66VfwGVChchKVfBhgPCq4E0vKy9CrqKZE7zpRF6PjK8kbBkVBkhwmAurkWp3HCm9yyIvqa6Ne5lzGLM_o8RedNH0UYqLeh_fEwVffX_aEyz0Iyen_hCXxnwXTDoUC5RTQhvbYuPqD7I0z3G99ANq-wdQKo1ThoE8EPpzp2GfugjSnkzqSMkLyD-Mboguv1JBQgh2oK7IjlByQyU6pxBN-UR17hbgRYZiC2s-duso9XJhVb27svW2hxRHA4nhu9zSMoDISDIAlVhNEPV9mLtAXhhez6FvMiPyq_Mkm6tLr1M7_PnOSv0cO2UBGTsDKsm046NLfNSaixmS56mmyy_2Dmzj5NMDg272eufoqs7D5jeBQpNyRgjZNwOck17_yEe6PBwc6sdIUvAsDnts5HliDepiYofrMSOu3zk5HP9IBF5DcqsjxUN_fVryF266XiwYSyQJcOGhLWJNBj3MCwmxuABtwN53AR_vZWImSUv3UjrXoc2ERApyG2IGlnTiRmxRQeJ2gPGgUmV1-k6l_Rm4uUaS1gn9KMdR9GugbU98tMplRCkA2rhKcwLdZCzyitYbzjPq2o66ZlF4eDff0RjPDck_zyyMPUVHyyneknyYMKyBzdBwvFP5PXpokCq2mVcHNYpmmHcmhUPcpuJDb0i6cpdmbJ5a6mIwcob6ikqF4nCYSYYimNS3o7Ec-KgmU5nHwIJ1XgukuJjtMIYmqq1LOPZn4HzrTSPs9UyeseN7KDerzNtXdYkZl9VRQllddzQJtq5k07CmUYgcgiLtOhhVCIf9Q-D7zpLWnq4PeLL-nHIS_E4fUeiIhV2g0s48RulzM_R4erLaWsOtaPvVKx9Sc0a784XXqPQAUalYAatGaetsCL5JzX4N36NrTfDoXA5iYMueb53PhuRjGfD_joHkCA-P62rmb6Ow8k0cwK9jA-GZlf10&sai=AMfl-YSUSbll8v3sA72kKJlvmEEjHPgkv1ex1EphA3FaNbvBedEwtxfEyRpWace851vmrvC49eFPhd3eO5nCKzYlIEbR0kliLJoglN9HSl-jpFA9K3GefWU19Ox60xkLt9ICr5x2RQyMvWGr4MrsNut5SnxbJTV7xdiAv5OE961a2aXBrTepU0GiN6qTTsS-1pFG9iZI_uIAJkf3KOCieEeFuGneM7juGah85bhcSkT-IPlUML9DflkDC0p_0QXWs7T_4GU&sig=Cg0ArKJSzIl7nDpo-fAJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=812&vt=11&dtpt=575&dett=3&cstd=229&cisv=r20220809.60383&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 bg_day.jpg
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 8C65 35 KB
35 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/bg_day.jpg

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75008e33e394f2cc922d017e94cebdb81a5389dcfa4b808cce8ce778f0fed846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36189
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE4F 0
26 B 53ms
53ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN645SzDv7Kdfzxcbv_iZfnCEH8brVerOCyMGBQT087iIqGLVXY2OE5nnEBiOHRL-PLimCBbDQk1qXaPML_Mp2Q245-5wC5l9hKkwyucDa0xyEq5b2GUo93A8jd6r6g06ez_RRxU9jWK_x1Laaec-fHUUeT667I1mvnL-gHimPj_9CQmakR8MJUWpAOLPaXW3CYSnCZX4UneGJYPIMiqM_6iBWfg4PHZr3AyhY1cbG6w3NVPnTw9wpIQxDLGSeWd3g68ypEr1vJgmzwoh1CfR9Arz6X_CZy0WCax-MWeAJK9H9-stjRghqly3jmuOgy1Ua_Su3G5trz9dtKbN_VcAr_PxtDp3SzmCrhYqFZnC18vs-vHWaNaGlKhhkEpLT4qzrf0yYsK4-1VxGi8XHfHEtctPHVCxsjPEevvBHMtTXgULQXsEK8DhXP3__J1yAqxfKVeMAJ9WLV7Hid8lkBUs56izu3YYMNYb2WU3OUR4efL2g1MMcoW8i76FJTRazgA5BliLjG4d25mKxiS5WadldNAPeMSed5jlDykOKxyLFKPPkaCeF13Hrh4EqGm_9Yv0SOSL37MCEjn-dTjB6eEYLh046cWm60eDx80O6IzaEWsb-KCVliOfjkIAoPa0ygyWW8yPCvKAg7KV3dMleqmlB3u7hm74MqMCwfCb_RuKgKum5ERqxoCElKe19a2sUrED0fIkP0DGubIxBlJObnP4V3yzBl1Q--LPjdYs09Rbide5TgXi9US5K8eUYirgDmIDdzXsgSkj7a5zYtccQPBz2ER6XAanyLlKOsjayx7hyjZnug6x5sjLjtB5KfkDryUPMQIUj7Hn7WOpcEeNRQnq5ogqSfd-sZay5Ab-9swk5RlJ8x6bJSMBMI_e6uweZD5aLps2_bA0LBE2E7sz8do0uDfngIPDwA9vg4WkX0gN4YfitSC_tNgSBvyYx-kzX8CAytS809vE4_LjM0jsAd2i2djKypOEzOZ7uZi6XQthrPr_Yy6Cwblhu3XEOBIR8jbKEjr_xU1CJ-311tDOVdgTT4lRgmp-02U3xChzMviwC_wik3mzt0eWJVX1BXPZRdJUb8K38QLfGBCXrDVT9uJXiNM8Lgq6ygEQc3KjAQ6czTu5l5wHB6Z77pXwvatcEqUvVcUG7bDhfQfiEN_n7ZA3Ah2MZw8p4ZKHlMnQtk9hZbxsOcmHHTwLsuqJgKh15zV-WprAtFth2KTWVzL1rBDu-byX-&sai=AMfl-YRpRiFVEOsvl9aMCai-Iff-FIRQSQA5b2Sh3my-wuq-V54Vg2K5fxQ-AhvS9Q-K9nKBG_bG0Srk6YKD9Opgy1smaS9K8fRpq2X4xgHdSKm-Cd24Knvn-48UNtNIeMcgm1tJPq7QNzEZtKBPwCtN-0NbicsbNrkItFSEEwfslm0g2ImfSgoXHtr9z6g0nCUHc-uUi6-Dqbaboy6eGX9083yGfYdRXo6W2h0P16fQBFE&sig=Cg0ArKJSzCJHvnRxa42yEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=801&vt=11&dtpt=447&dett=3&cstd=352&cisv=r20220809.74601&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA95 7 KB
5 KB 55ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad629a0adc789df1884b24d2600ae9e746c09e870e2cc75ab0ae55d2bee9191b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame BFBD 0
20 B 51ms
51ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGqrZTkvvkCFVRAHgIdHWwDNQ&gqi=NPX0YvzYKKXXx_APjOS_iAI&layout=/sadbundle/%24csp%253Der3%24/16812334555823494425/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg_night1.jpg
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 23FF 37 KB
37 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/bg_night1.jpg

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c341c56d3a7ebc2c196900b581422649e0e6501b706e0a49e4b6609c5a188c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37550
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3 200 bg_night1.jpg
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 8C65 37 KB
37 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/bg_night1.jpg

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c341c56d3a7ebc2c196900b581422649e0e6501b706e0a49e4b6609c5a188c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37550
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA95 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9461 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8591 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 50DF 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 2D00 46 KB
17 KB 12ms
10ms Document
text/html 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11839
content-encoding: gzip
content-type: text/html
date: Thu, 11 Aug 2022 09:08:10 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: bxwjhmJ4jcU3GJXYRnqkbwYFcplMLcw-gRk1X0SJ1hPo8MdP0d22Qg==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H3 200 logo-thalia-dark.svg
s0.2mdn.net/sadbundle/8567633850215880225/ Frame CA95 3 KB
1 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8567633850215880225/logo-thalia-dark.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ea034100be07afe86d592616c5741f11ba29528c5feb624f62295bea3cab46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 10:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1457
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Aug 2023 10:59:13 GMT

GET
H3 200 60016526_20210224054223518_728x90_background.jpg
s0.2mdn.net/ads/richmedia/studio/60016526/ Frame CA95 33 KB
34 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60016526/60016526_20210224054223518_728x90_background.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6714cc1369d9cec58aca8527d87c422a4775b6c72795eed25ae54c0463f8e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8567633850215880225/index.html?e=69&leftOffset=0&topOffset=0&c=kjeqWz3tWP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:04:24 GMT
x-content-type-options: nosniff
age: 19261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34292
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 13:42:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Aug 2022 07:04:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BFBD 0
0 23ms
23ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi8gbHKJXdGIMsNGCsKQhOpfluPAJTjhLB8k3JkIqe35_M3L1byh20aTGsW_HuZxEmcHSHMHVcmLjK12QUYSS30Bzylw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFBD 140 KB
43 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
DATA 200
OK truncated
/ Frame BFBD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e98b5e6f19043672b522fe5301f1c0c83e5e7cf900d64c8505087e34e8c0891

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 nasties_icons.png
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 23FF 8 KB
8 KB 17ms
17ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/nasties_icons.png

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01284e35609034c53df8fb7d0137434c3464526fa03cd88b0133e9f845ddf2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7948
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3 200 nasties_icons.png
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 8C65 8 KB
8 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/nasties_icons.png

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01284e35609034c53df8fb7d0137434c3464526fa03cd88b0133e9f845ddf2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:22:16 GMT
x-content-type-options: nosniff
age: 277389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7948
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 07:22:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC42
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 12:25:25 GMT
expires: Thu, 11 Aug 2022 12:25:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 258F 0
0 52ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=3056241058495095&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FC4 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H/1.1 404
Not Found 4157
www.123greetings.com/events/rakshabandhan/happy/ads.pubmatic.com/AdServer/js/pwt/157512/ Frame 5A0D 0
0 297ms
102ms Script
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/rakshabandhan/happy/ads.pubmatic.com/AdServer/js/pwt/157512/4157

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/events/rakshabandhan/happy/?utm_source=eaug_rakshabandhan_remail
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:24:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Age: 28
x-frame-options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: close
Vary: Accept-Encoding
Content-Length: 3909
Expires: Thu, 11 Aug 2022 12:39:58 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 80AA 15 KB
6 KB 45ms
11ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=46021
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 12:25:25 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 12 Aug 2022 01:12:26 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0381 3 KB
2 KB 45ms
10ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 12:25:25 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK spotx-pixel.js Show response
play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/ Frame 5A0D 417 B
1 KB 57ms
8ms Script
text/javascript 2a02:26f0:3500:c::5c7b:6843
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6843 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 11 Aug 2022 12:25:25 GMT
X-GUploader-UploadID: ABg5-UxhkfcbGcbhOvkodch6VR5yiQ-P4Abrgulp4VRvnnlBsEcUuDRQZrTgZNveJ8DZbfwyyVKG9RFrrpflFebDPVk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 417
Last-Modified: Sun, 26 Jul 2020 12:32:25 GMT
Server: UploadServer
ETag: "f70554e00ba53d6687836b60f833456e"
x-goog-hash: crc32c=bH2gjQ==
x-goog-generation: 1595766745952958
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 417
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Thu, 11 Aug 2022 12:55:25 GMT

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5A0D 178 KB
54 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvNTaLMxw2N6EgSmzqLD2A5j3PUaLSy6Cil2HnG5Rf80hoKAMSFO6l2cx478bau0FgGdyk-UFJgbYeBxZ3F1KeGVmn4LbJ8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "4ecda2f032d9e44c338b378388b06251"
vary: Accept-Encoding
x-goog-hash: crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation: 1659879239799693
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:25 GMT

GET
H2 200 avpb6.27.0a3.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5A0D 66 KB
20 KB 10ms
9ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdta9rOuHSn7A7cK2bZs6Asv_lJCG0saijLCg7P0P--zhY3w3Uh4WQWobOASP52PoGuy6jkdivcAh-FLTy-vz4ReS-Xsb-C7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20155
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "02663a187046d2c733ab719bf1acb66d"
vary: Accept-Encoding
x-goog-hash: crc32c=hd0u7A==, md5=AmY6GHBG0sczq3Gb8ay2bQ==
x-goog-generation: 1659879239908588
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20155
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:25 GMT

GET
H2 200 avpb6.27.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5A0D 73 KB
25 KB 11ms
11ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds4ZBAusWIm2FHJP6nMvQlYFYRoHIs6jWJeu-JQWsWjMtQuohRebRCggdKLNlE8x8Tz9OgZWqza2L1jAcr9ws62XFw2QdCf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 24663
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "d5b1db6426eefd06f3020f82c67c78bb"
vary: Accept-Encoding
x-goog-hash: crc32c=ssQAQw==, md5=1bHbZCbu/QbzAg+Cxnx4uw==
x-goog-generation: 1659879239877609
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 24663
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:25 GMT

GET
H2 200 avpb6.27.0a4.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5A0D 68 KB
23 KB 12ms
11ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsvFtsbsQs4vv848uxFy-5djKZ5ay8FBK-ja9t5QRxvsOF3GpX0pitfwsHvyrTzBFGTGrqiZ62ONqcHmQjJerdWbjVBFUBD
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22756
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "4fc7c810f44e0d18dd22b52b209cc520"
vary: Accept-Encoding
x-goog-hash: crc32c=8/PGgw==, md5=T8fIEPRODRjdIrUrIJzFIA==
x-goog-generation: 1659879239920996
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22756
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:25 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 5A0D 71 KB
22 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdudQuxd9AUwsDrPIbVBA-awfrpeAzcn4ZkShHlHBEHjNXomkJQn8sHn72kdsyE_lQOnLTJCJvdNYX7FTjqpA3QJ_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "2ae737f175c0550382b15b7d6f5922f5"
vary: Accept-Encoding
x-goog-hash: crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation: 1659879239872223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:25 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame CF68 159 KB
41 KB 60ms
9ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 12:21:48 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 19:59:20 GMT
server: AmazonS3
age: 218
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
x-amz-cf-id: iXKu6CwElGeiV5jPKxKpilzIPW-it_HKn3kyyZk8b4CUQJMxH4eNtA==

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
103ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=50562&t=1660220725&cip=178.162.209.132&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.41&cb=3929812126&d39=&d65=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=request&cb=1660220725867&asid=623daf9810ba54791c251d39%2C62e65d5c1b91c54f9f6c2269%2C62d52e7f6fcabb30a2154415%2C61d566284039f6201a7b3bc7%2C62d92fa372c2f03c6176c9d5%2C61f27d6798c38c4651179ae7%2C62c597a6b8d5cd2bb37d4304%2C620290f4539a472cae35c509%2C62d66aa0fd33f968415df1d4%2C623075011246244f112d2344%2C62d933438c9fde22f24ffef4%2C62c6a0e0aedf2f2ee43ed1fe%2C62208fddf3f8cf0965576d95%2C61f7a1ed31362927237ede55&ofpr=%2C%2C%2C2.1%2C0.44%2C1.5%2C0.7%2C1.48%2C0.5%2C1.8%2C1%2C1.15%2C%2C2.1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BBF 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H3 200 nasties_particles.png
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 23FF 40 KB
40 KB 16ms
16ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/nasties_particles.png

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1802988d268b823443234e406cdaba4079f0e8dc09e228feca16380f9cf695fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:46:27 GMT
x-content-type-options: nosniff
age: 99538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40904
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 08:46:27 GMT

GET
H3 200 nasties_particles.png
s0.2mdn.net/sadbundle/13127382153671314628/images/ Frame 8C65 40 KB
40 KB 16ms
16ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13127382153671314628/images/nasties_particles.png

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1802988d268b823443234e406cdaba4079f0e8dc09e228feca16380f9cf695fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13127382153671314628/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:46:27 GMT
x-content-type-options: nosniff
age: 99538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40904
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 01:20:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 08:46:27 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220725960&oz_l=729&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 3 KB
2 KB 933ms
932ms XHR
text/plain 2600:9000:2057:e600:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=eaug_rakshabandhan_remail&browser=chrome&utm=eaug_rakshabandhan_remail&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&eu=true&country=DE&hour=12&amp=false

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA6-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.123greetings.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: 4pUDb42urnTe1u2EXM5x3AnIC1DiZWnoMgL7uG40FN29pb2g9etIuQ==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 0
0 164ms
164ms Preflight 2600:9000:2057:e600:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://www.123greetings.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 11 Aug 2022 12:25:26 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: pG5UN8fiJj4tfgB5wJSl2-2nyYm73kLJBtVSSjTLI1GBnsO3BRDltw==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D81 0
0 50ms
49ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujhiEtBCtceFnkeyTz6k9Ei3A9_IoSlLhk7IPBLWzaXJfv3n4XwcNXJFVsEcMVXrlidG6VvW8ktzyS_44s1UJnIHKpuF3eTIZRkzyWkvSzERS33VQNH_3J-iFgWO-vRdyGo7Uq-RlwyR1UUG3L8fSyO81Nno9cIXIeIJDSfbBonZynjCSw8kujqneAM_5tYcUJQOD8GEbvJkxmj5a44bYyPtk3M-50cKUo7yv12I3o3aKYDqYu_ypSdgGcamZEy29dJHCeKw7MWjWhz6Ujt6rVhsl-ZiK_nQIMTiFKMZQyUDdA5JlF0SaDk9Ed3ztaHNgikcx6OP0QIWKjYj-lUCDTZ8Bzvxi8MdKpCWK6&sai=AMfl-YSTTQONInI8Xc99DVjt_9m13R3RXyuP9R6Ue3i0QHpTq59MsaXcZglXPZqr_CLEivqVv7XJ2MXqmUdOeC0_qhdEx1FR5WUV_ZrwpxtXokFb&sig=Cg0ArKJSzM8S287PJBu6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 12:25:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D81 14 KB
11 KB 64ms
64ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b38496db8d6189eaf0e819f0f01e1bb4ed7d77b0f9344fc38776ff154576708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 12:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10916
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 80AA 0
42 B 55ms
13ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55929584&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:25 GMT
content-length: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6264 2 KB
2 KB 73ms
41ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c091fc80f15b31d2d410b4b034245b637c2dd009882599b681a573af7ff0373d

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7390f4324bea925c-FRA
content-encoding: br
content-type: text/html
date: Thu, 11 Aug 2022 12:25:26 GMT
dropped-udsids: 241|230|39|46|13|3|156|10
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s8AMqqRWz4VRHUFGmO5zXxg6RF%2BVu7uw6xmg0vpDDVqmuoUpREQpb3xPkG46TPZeS%2FR5FFx78dIDeTy1hxq0M4FBExxjpTYdA99C0o8IAg9xD6yaoyNjBkHNfeytQGNM7BFYPBgYaplKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 178ms
177ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame CF68 1 KB
1 KB 63ms
63ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.123greetings.com&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 36f3a48ad54be496071f9e37458a8173b3c82fb1640cb641764eeed366714157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:24:39 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Server
age: 3647
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-length: 1132
x-amz-cf-id: qX8WP8ijcznUsKo0DyLTpoaFCrIjKfvb9GQEwWEy0L_hGobA4o8Zag==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame CF68 23 B
494 B 47ms
46ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&pid=T9l80T7EffgMe&cb=0&ws=1600x1200&v=22.8.42053&t=8000&slots=%5B%7B%22id%22%3A%22SM_640_480%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!selectmedia.asia%2C611eda6c0903a33c051dbc64%2C1%2C%2C%2C&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: DN99Q6N5AWB16AWXGHZS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Tn4BKdsbOm91wwv-dJpfJQR17rmVaRGbAPJ_mcxDxW1LQCBeGo-4eA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CF68 6 KB
3 KB 27ms
9ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 24074
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Thu, 11 Aug 2022 05:44:13 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: quGBBM5MKXoNzApUphyxK39k3kmvsp0cs6cl9OqQtYwIq2L9K3eemg==

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame DD01 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5A0D 94 KB
37 KB 52ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: play.selectmedia.asia
URL: https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1627bb40c520719b5b5a219b77c331ffa3eab5b02ece720225d29fcd164db5ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37465
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 12:25:26 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 121ms
26ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 11 Aug 2022 12:25:26 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 117ms
26ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 11 Aug 2022 12:25:26 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 66ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 11 Aug 2022 12:25:26 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 65ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 11 Aug 2022 12:25:26 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 110ms
26ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 11 Aug 2022 12:25:26 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
411 B 118ms
61ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 204
No Content 317900 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 139ms
26ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/317900?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 12:25:26 GMT
X-SpotX-Timing-Transform: 0.000425
X-SpotX-Timing-SpotMarket: 0.006009
X-SpotX-Timing-Page-Mux: 0.001054
X-SpotX-Timing-Page-Require: 0.000407
X-fe: 033
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000029
X-SpotX-Timing-Page: 0.011355
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000314
Last-Modified: Thu, 11 Aug 2022 12:25:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006009
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.003102
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
411 B 115ms
16ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1b0cb248f6ba59a86d8308ac01183acf6b5f930c7a5a3422ba184dd588ff989c

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
411 B 116ms
60ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
510 B 41ms
17ms XHR
application/json 3.121.203.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&tmax=7000

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.203.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-203-249.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
198 B 103ms
86ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Thu, 11 Aug 2022 12:25:26 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
19 B 108ms
91ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Thu, 11 Aug 2022 12:25:26 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
401 B 84ms
15ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: f04b99150f1812fd27035fdd98c73aab20627cc67da0837d8eee4a7fbfbb8afe

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
412 B 112ms
55ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 53ms
16ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.123greetings.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1AF 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYbDdD1zoG2ngSFMWB14STpRV2fcoxfGygAGeMX8lcNHLeOLd4-9c0wDxIP_icVfsjQ50zr6LoiTwX16AZT43Bww7e0NHzyJr_4H2rwCe7FYEP50jmDg8DJCYw6WQBBlcUjOV8HF6CcAib&sai=AMfl-YRmR9DXSQJD3FJv7WYWPBrMtUMbTzwHopiHzUUgVTgYv-rxi_DS430fVDcQt3UQ9PG8Y5VzAEYlWNU9ltUAfU9PmfPdIHLZqiesVOzFbA&sig=Cg0ArKJSzOBy5OzWo7UrEAE&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&id=lidar2&mcvt=1120&p=47,560,137,1288&mtos=1120,1120,1120,1120,1120&tos=1120,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3914305483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660220724254&rpt=845&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame AE4F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1058643/63502831/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=&adsafe_pb=https%3A%2F%2Fstat...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=

1 KB
1 KB

8ms
7ms

Script
application/javascript

2600:9000:214f:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:33:36 GMT
content-encoding: gzip
age: 64311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 10 Aug 2022 18:33:31 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: Bbder8Lyy791goYLWngqE8WkyrQWlh4SSZCOJlWGwo4ZZSckfBAgCQ==

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: app04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0Ys36Js6Y-gasmKCoBQ&cbFunctionName=goog_wrapCb_NPX0Ys36Js6Y-gasmKCoBQ&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame A615 80 KB
21 KB 67ms
9ms Script
application/javascript 2600:9000:214f:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 09:09:25 GMT
content-encoding: gzip
age: 2258162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: fmt0WFNgA4vfxMuI_e5wwf5o2VcBe04UBTG6Ld1pJay6oa0YhY1WHA==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 5950
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1058643/63502831/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=&adsafe_pb=https%3A%2F%2Fstat...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=

1 KB
1 KB

14ms
14ms

Script
application/javascript

2600:9000:214f:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:33:36 GMT
content-encoding: gzip
age: 64311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 10 Aug 2022 18:33:31 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: D-AdBs5XMHnTsp8Vi_a0QXICqmRLtz6Okxe_pF8DvvDgfbosnouNtQ==

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: app05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NPX0YtisJ8qr3gOZoIGwDg&cbFunctionName=goog_wrapCb_NPX0YtisJ8qr3gOZoIGwDg&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame A96B 80 KB
21 KB 21ms
17ms Script
application/javascript 2600:9000:214f:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 09:09:25 GMT
content-encoding: gzip
age: 2258162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: EC7dvZAKXhtUB1ee_iI7Ogob6QVGkWUG8N119gRnfdujOX-9vOopKA==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D81 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 12:25:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5950 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3zqrYGrO79PlE-0xWvxiN9cf4AY2TMtKj1Qu2KDK4HU0UFy08eje1qAm9PRbMRUZT3XUXUS7vD8UqVcOIUBXWwWTWViuxOyECGAnaXmkN0pNAiX6i_hRBQCQI118RU9flMCmcv2_UTFk1&sai=AMfl-YRY7NqYnUJrgXE-i9IImvbKJQmsWU3r1bcrQ-qPenQmr6AGcIhB7dWA0YH59D2z2Ings8bcVM-y61l61PjdBNmGJV4ZCSbpK2dK2RAZpg&sig=Cg0ArKJSzA05E3U9PK4KEAE&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&id=lidar2&mcvt=1159&p=518,970,768,1270&mtos=1159,1159,1159,1159,1159&tos=1159,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4293624944&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660220724250&rpt=907&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE4F 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshYktWVTPMPgJRMmNwKnzfA06FuXFoG5IyL1A1mo3RvmUSARWrZd5cfCZwqINXK4QEUD58MyrZkrneBn50u43MFR0A_8iLS0tKRtSwMRQ6m1QoYEIWUq1exvJ3mbmalefpTOAd82XXBisT&sai=AMfl-YSdZl-xWV83QZ7xkmcbGtZNNiNbP_TKMtGJtLho8GGuCxS3xt_90G-Ex0VsGFZ1AmN4JQED4AlAzC6RVC2UwsdFNwis3UzXM2VWKzwz-w&sig=Cg0ArKJSzAopb290xIDAEAE&cid=CAQSLgCsnQUxHilfmJvni6eDyYrSPpUZMMf1iufEZmp24Tl4PvUfW70wiCO4GMTkUjQ&id=lidar2&mcvt=1161&p=236,970,486,1270&mtos=1161,1161,1161,1161,1161&tos=1161,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1127719608&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660220724247&rpt=893&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 30ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220726224&oz_l=23&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 392ms
186ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6lFF,pingTime:-3,time:171,type:v,im:%7BpBlk:59%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:171,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B162~0%5D,as:%5B162~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 296ms
96ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6lFI,pingTime:-6,time:174,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B165~0%5D,as:%5B165~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.123greetings.com*&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 355ms
187ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6lGg,pingTime:-3,time:145,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B139~0%5D,as:%5B139~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
216 B 258ms
94ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6lGi,pingTime:-6,time:147,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:147,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~0%5D,as:%5B141~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.123greetings.com*&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6264
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&dcc=t

43 B
645 B

99ms
98ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:26 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M2XA3K5T0XPMBCQRRY56
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:26 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RXQ2BF03887K3X0A93WK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6264 170 B
188 B 24ms
24ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6264 70 B
265 B 121ms
47ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 6264 0
0 44ms
14ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6264
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
915 B

23ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f43709529a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAKrfAidaQ40tZa1Vhw6Y68ybrvGctR%2Fb%2BY0jVWlNixa9pSiu4O054hsvVM8UdzEU3nxyf5se%2Fz%2FLhDT%2BSFA7Hdw9D3CsP%2BBV%2BnU5H4kIwJMbcgM6g%2BMrlgtexbg6YEIUeNZXIg%2BbPrxQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Thu, 11 Aug 2022 12:25:26 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6264
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=890762f4-f536-4b00-ad5e-9c34cb54595c&gdpr=1&gdpr_consent=

43 B
915 B

40ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=890762f4-f536-4b00-ad5e-9c34cb54595c&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f435bf729a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89%2Bx8DrZ%2BIy0%2BIiKQxVgZl7Y%2FZW%2F9RRU9ZH8EeXzPbtI4Tbtp1FKdyJPCVUBEuy59Ve4N7oOKYYOQGRnvcNBtg4pi7Pip78IvT2C0fKAIvsGun%2BkTEiPNTh%2BuqK2YwTNu5GT8JqVBGownA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 11 Aug 2022 12:25:26 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x35 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=890762f4-f536-4b00-ad5e-9c34cb54595c&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 11 Aug 2022 12:25:25 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 6264 35 B
380 B 401ms
99ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Thu, 11 Aug 2022 12:24:42 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6264
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=685542860499

43 B
914 B

38ms
37ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=685542860499
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f435bf6f9a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FY9K1M9ub%2Fl%2FC2rlwYdgcTDmhlF94VROZQAhOW4Tv3VEFhDI%2BjEjpaufzkmg%2FIRa1jBzPvOfaB0CfBQ9KW0zNUKo%2FEOwWiDmPfrwyuFo%2FM0bfwBaUIlSlNyW7jLeGI5bhPtuMSCwf9jyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=685542860499

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 6264 43 B
424 B 59ms
24ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvT1NGN4jufFrRNzBtztGQAA%261164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
cf-cache-status: HIT
age: 292
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7390f434e8e45c38-FRA
expires: Thu, 11 Aug 2022 16:25:26 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 227ms
95ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6lGR,pingTime:-2,time:245,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:561,mdZ:1805,beA:1994,beZ:1995,mfA:1997,cmA:1999,inA:1999,inZ:2005,prA:2005,prZ:2021,si:2028,poA:2030,bl:2052,poZ:2052,cmZ:2052,mfZ:2052,loA:2168,loZ:2171,ltA:2238,ltZ:2239%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:245,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B237~0%5D,as:%5B237~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:209,readyFired:true%7D&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 214ms
95ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6lH3,pingTime:-2,time:194,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:569,mdZ:1807,beA:2054,beZ:2055,mfA:2056,cmA:2057,inA:2058,inZ:2061,prA:2061,prZ:2075,si:2081,poA:2083,poZ:2102,cmZ:2102,mfZ:2102,loA:2200,loZ:2204,ltA:2247,ltZ:2247%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B188~0%5D,as:%5B188~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:164,readyFired:true%7D&br=c
Requested by: Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=3363491782769356&bg=!BQalBkLNAAa4hXTbmIU7ACkAdvg8WhqUFMVJotlEqKE6IGm85jjY7ifbK8kEECnnzfXt8JaLA_H_FwIAAAFYUgAAAAJoAQcKABmaIAfhnuW4XNz8z8VPm3MiXJCkiQbPDEzjmQLiPV7XBcgnJY2tJXGrX6D2qkbJWFE1cWIqAiQN_K4q0qB_9zld47OKfKhGamCfgto2xzs1NIFNGury7pN8nqVt0hMZFBX9DYQEJdcdZfd3xbX_uZbsphHe7UB5QFErbkpjXcq0z3sNq-TwI2TCcHxqqEBasAxxtLsxKOyGO73JYWdpqbd4Y7FL88J_Rx7gbyRXn1q3fIVmTkXR4nkyP82FKjndOulKkNbDTjTdSzwMK9ytb2bj-q2RU-Z_3iGqhJN5HGvm3FthQsJfjnNWwvOalv4rm7cRcBZwDpMaUio6MVRGknsAgiac6-IccFWFsCSD8Dfp0z7qi0idTWktEEmZmltb5uO5nSnyZ1LMOFidZgTBjc03QJkvHrNf0QyoS87g13MQTJjtophQ6k32phkxpnrrjBImkMHr24f3vjFEeP8-_atkttWjpDL8HkH79qMbySKttpxaRvXtqbBW_YVonO8NC7S96iBZd-iR59B-WbKeL8YdgqPuWDhlXOzInXz59SdDF2amFdEKfZzk7ASxu2D80Gk85AW3fyrUXgjydfhqrJnt0q1SpUCoIYRAoBAXPEcvEPAV-4vMZK2SbO-7GAeHADtEmfpU2F9LSQCIpnFoo3yHu5ljvNhxeIryaJfnF_IC4cyC0ZPnJu2KABaz7NHkkXmiaOVo56sm88A94JQbTvtBGbU3YNihBm47tIDJvurtjfsTLu3W9AtDPqtS2D753hDeB0z_aHN4BQm_nULB0en5nuTZUUUXUHa6Ex5ADseGqlklEvP8h0nNLphyn0pPZWiSK6id6uiZ4TC1SthoXsx-1LASdJgwVHo7wbsmc0zN_bsgjJG6X5TeND6zuF9hVwVQeLXGA1CjkA_EY1OdCzXUn9DFoZMkgqScrgKkuD1MUmT0u35zPP_r6IiMUCotcvnVwnsjt6tlBNpHS_BWwvCk0TZeB5Mwo3GhXm4QmSFm7OyMDMXQ3eB__nICdiss
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=50562&t=1660220725&cip=178.162.209.132&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=611eda6c0903a33c051dbc64&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=611edd82ba4f701d4d14c7dc&stplid=611eddbb0ab5df1de52e23a1&d35=&d36=6.2.41&cb=3929812126&d39=&d65=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=611eda6c0903a33c051dbc64&nid=58fcbed1073ef420086c9d08&pcid=611edd025340b7439c55794f&ncid=611edcb8be37e2439735ab26&pasid=611edcf789a5c676521f6272&e=bid&cb=1660220726561&asid=623daf9810ba54791c251d39%2C62e65d5c1b91c54f9f6c2269%2C62d52e7f6fcabb30a2154415&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF7E 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:08:27 GMT
expires: Fri, 11 Aug 2023 12:08:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FEF0 783 B
535 B 30ms
30ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2c7c0698f63aba670a9e4d63a38b1eb6d2e814fb03e921449ccdd36e2eb8c4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rpcGt5suQm7KkoCxtx7U3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rpcGt5suQm7KkoCxtx7U3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 12:25:26 GMT
expires: Thu, 11 Aug 2022 12:25:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204 partner
sync.search.spotxchange.com/ 0
589 B 79ms
16ms Image
text/plain 185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Thu, 11 Aug 2022 12:25:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 100
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6BBF 0
12 B 16ms
16ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7JiT1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9461 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaD5nNPX0YtqDJYvf-gaB5JmACgAAAAA4AeAEAg&bg=!NTalNnLNAAa4hXTbmIU7ACkAdvg8WqC0p9sAImtXfT0s_2FGExE8mAnawOliuoVzpaJWWs_BtCRhQgIAAANZUgAAAAJoAQeZAxwVJXDtuUBqoCF8SgQfD-JV9sZ_36cIncNHlfaIk4ark2qXfP0xKIYut5x5TUo7UI8c5z1hpe0-9ZlJJEKnajsG-FHKUKApoFR7M7zphR_wYfuFVl79Eq0-YFF-FzdTwEH7uZmw1-U1UtHw8PNtyrJ-TCOkuKA5lPRSueuuiphljTZbwgjlyUtT8mOAgdz0y7FrpBEidJEalkrPVzvOElkfO2EXVKT89vr5p-g4HHqSVY1IsvNGMX4hAqNiyXUQ_yERmLWbU-EISdgYMi4RedvT-0OAgMHOnL0VE0GBiTDWXsXpjZfTFQW2W8ylceZBu9NTP50UADmi0c-MTdp0C3A8MwHdwQXIViyxHqFFzxOqd6jZ6w6f6EuHj55VujxOyUpMkVMgD7Ss3QKYGNk8fCTcP3F4lvTdYh_KqmH6NewxGwxKQeGm9KpCoWufI1yfAEScxqxQ0fIt2i0qfslPcaNNzk6qFVRbXxwh7WgV0ZiJuWbd2UGAqk0o2tq4irS4d-F4wRd4o2U9zloJOMp5w1nS0ev23L7VqLy68BfNhxNEElyT7s8pwV1BxVCqDD52GoICKdqmBEIxmitrIWTlENJZQ7OLCRo8HlntmxsFny7R_G9nba7SoWRJhSukuPGHxn1ncmPlUcVN9IA5jPVuuRQ-wm51PQt4fD7UZFz0ZUwg6zqACEZiUEEmUaQH7Ewf8GsW5BBfkKM05g4QOYA4j_bCZ5f5KpUfAgyKs3jBWuEAwIwGpwU73gCQnE10JixRC13TjeNWTlBag6zSUnBVCEgsUoxrJ99mET2cZTRc_H0Ja46S2-ys7w_Mip09ubsclm6yvHxC0XuXMdTGvtb9H0rIjE3yaePuuXjXlPWBbirgMNyWSvYQkrhqs7ntxN3UqGmJhALa6yzWYCAOmXV2p364nsWpatiSBSB7aIxE-EqTEc-JdQYoZtae83VZ3KQLzmkbOK8AwpnHqO8LzZbgkk9jE1PeQ6xUOJBGRvJgiLr77N-PDCplENBHHPDNQNZv_6D2zqDk-B1LvqE22Ka2uJZqebjctbfATGJq2rer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50DF 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0MuyNPX0YtisJ8qr3gOZoIGwDgAAAAA4AeAEAg&bg=!xMelx4PNAAa4hXTbmIU7ACkAdvg8Wgow7fT8JGB38jIuBAt-hhae7pDnzb-xjLNc2NsyyPavqw90IgIAAANWUgAAAAFoAQeZAzw2nH1v2W0B-W01IKSWlWGE5z4BPJq8opjUYYD1yocyvJF8NEIW6pEswJty-S-KHJ9SINgpGwj2UxlV6Kd9Wwnu2aHPAqZ26xWktizBV4o3jO1kNwE9t1p3-jx_12JPoV10YxwOrrCq_nz6jHmmMx4h4w_ZIl2knDOvcEEHNo1pr9VgyvXOjh2Q0eVoV7vBTWOO2A-DApos-9_GUWLAnfTrw2O9QQYpqoTsUxz4fVIQy3HoqnhJZkoWkwnIxqPyL7Sq3mqUs5wxiraKJzOUUsJ7PoMHcSE8E21HQOjPEkXc21iMsDrhydPAp7FmYM1VL6Xu7H9d2W2EGs8ZtFok8guHyKH23X9DAAVTFiRe7-abp18OlVxoxPULyo0utcnyCHzijXfg0cGq7HOBOYUrHZEKLvxet_c_5Tx6ge0avtKyD4zvA66u9j0sIAVrNyzxIdzeRb_iXVFaoEcR6IyS61gGKbX8F2qc8gEH3fyWYJTsk4rYuzUY85umJhDc7kye1XkrdgQ0q0Tip_0aBV4wMHLj7m3PNuD0S-TRH7aOg8Rm1kGOSdClJeF-lp9iEZUyTrkfczMI4b16JEp2WM2LeXy-1xB3reUVbCNvLKCTwkjqCfDWJydgBfBIiIz02GmgWYszsmsPWm8mmXdM_rvUT6apExtguWHrGNGqaGRUdcIp5MHeADaxQEHSi7NX20uR6QuzTNdM9kG1SDnNY9BNMs3PhCwy6ZOm1du26U-mdMK5CC6B-0X8QShm5U25XGXcC-ebndDhWm82BmKGkDZhk98P7BAYD3XUxp4XpDw20xkZxL0jojmnRV2obIUNGsAITVAUpMj_iJVSjcN5WzsognGTLpxDjUWvDImNZ6QBTvYYAqe-w6VMUf0NC9kROsU0LJGrFe8rUOqLOOYSKAG71EVm1XQa8_Nl1Dr4BqucCSGurHMFe3kF_5YvpB_qgpVVlRYHZ7bjBE4pAPtFfE-c3ShyhS4AyElkt4COosB3DmUnZtCiIYS9oUvqnXZLDbjnlqChcpsxmED9naqycT_f0IfWPKdiXATsihXzLjA7yhbLaXhm54UdoT4cR4zIDVw2U5clafiJWXovaVC0Qv8

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8591 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXes-NPX0Ys36Js6Y-gasmKCoBQAAAAA4AeAEAg&bg=!eXqlej7NAAa4hXTbmIU7ACkAdvg8Wvqcdb0Xu36b606euh4F9mf0WndAc66hXZTXBJ4PE3qUCZqpHQIAAAN8UgAAAAJoAQcKAFJbgBHbZr4Oc8Te_geHyYonG6Y6IxKMlo8eqRbtgxF3IRBrnRltG46TCGwaE2rJOtA2PWSCBlmBoLYEF2aqmNd-D24DzfLO9zjGN9NAdROTN5MCmQM8xLf0q5nqC-o0r9Ux1AWcfL8VJHaok_1eMlenpg5k4CSZ6eZBTj1wCoiWNB8a194lSpUHD9jlgYvXk8hMFxUbQE3SvU8CZrcdLlYEy1zEPM8Rr1oHMCYPGsr3RRsUiJZ5SlCS3xs9bKp9_29EvK9SqQI1f4LzaD0RFZfBp92fmORYd5rd0fZVcMDTXtyn1TSgVquPQ5iJVWAKnQ_ejJcdc5R8aEYt_MycjvUe_VaIJ7-7aKr7C28ugfk-rlzLbeLkUdgXwgzkJENSUC4uRF9_VATx_3VGcjW1jcGUlMF7JbpWWTlnSr1ZOuTprNKE9IHU9K9AYWuaqwwGnk7T1OO4D--uO2ikv746GhJB_yfpu-cI8Xqk4mtgM17V1zoLOPf6ODHa6hObtKgnLN47iqZ8vyeo0QsmcBA-bpfyUL9ruYbRsK99BnVpQiLA5hb3qBcxbVSEwqa4D1ueXmohBPaC24Yno3SWIFNLq7nH1UAtikep0gEqkbOCCENIe6X09z37mKDEoP03_RKT8PM97gW24AY4Ok9wwaSOwwc5952e0H_P8P2FpRXxD61KSEN4EFoe8J4T9csuoRcrja9nv98Mqt9e4uAUy2gVYmCtJCWPNQlpg9pSV1che2CsR02H0bOpnDtyTb4YZ3l1GObL8psYdNy4esRBTXnk08schHHx_vlmr8R4wb3gthsU45-pVyrXrwl4qR_y3oJLuT8_0WQL_HAtXhEm9KytPtuWroHaIyD8LK5Bb4vCAQcHeDK3w6cYGy6eDwnubtXMemELCf1y0mVs7IU5kvZh9it5QEnG3AvkbOCnmsmV8vbzlGRf3R5SNxFtJreFTjCwb7UGqGPCXuokzf2BZm9p27mH5NU_s-SMZtMB4_zuDbYb8mVn76EIjMcut8KbkkET2CXn-31NosDCBxCm8R-J6dimhUNp45Lbh78jFRzDmGzjxs64tZPaxmF6uxFiesWEDRtm2msRlVQ6Rz_Maq35ZykdlmD3YTiHLyZs6mKVLgauX7hgi5CuqSo23MhKn_aXxF09Np8C_M9T4bIfuTjyQB-KVQ9-3vdaMhClkfknotsG0nu2hs52ttMJ8s4dbDNYQhqg

Requested by

Host: 259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
URL: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEF0 0
0 49ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=1729891198437744&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame FF7E 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:00:03 GMT

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220726811&oz_l=1872&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 91ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6lNb,time:637,type:e,im:%7BpWait:40,imprf:%7Bttecl:1932,ecd:238,tsecr:226%7D,pci:%7Btdr:540%7D,pLoad:568%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:637,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B628~0%5D,as:%5B628~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:395,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 91ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6lNc,time:575,type:e,im:%7Bimprf:%7Bttecl:1945,ecd:336,tsecr:96%7D,pci:%7Btdr:485%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B569~0%5D,as:%5B569~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:360,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:26 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6lOv,pingTime:-10,time:719,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660220726959%7C%7Ce4fd95aba40a454f4dfe613cfbfaf7ac%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C7c538cf3e60e26d0533d6416d6f65ba8%7C%7C944eb3746e8f886d858c25589223f804%7C%7Cc5ed3299ac3d456a84ff65e4537a4f18%7C%7Cbb81059aebd1bee1201ed64e72752c20%7C%7C2155bf898f39ec7e1d68fea894e4ae01%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF7E 0
12 B 14ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EKQ-DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame 7700 0
0 15ms
14ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660220726558

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3C81 281 B
573 B 39ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 12:25:27 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CC1C 37 B
140 B 34ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 11 Aug 2022 12:25:27 GMT

GET
H2 200 3.0ea6592415db7f630eab-video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 22 KB
8 KB 9ms
8ms Script
application/javascript 2600:9000:2057:4400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/3.0ea6592415db7f630eab-video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a74086f82cb013da72349a9bf62a7f22d9b2fb9f884704d355839c457197cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: VInHaYz5rmT86jAvAmjN5cA6KNI8sQrp
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 08:12:46 GMT
server: AmazonS3
age: 62785
etag: W/"78244828bcac724e8a871024abc49f6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date: Wed, 10 Aug 2022 18:59:36 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QA2tEs02Y_lnkCq--e6FSePoyq_10994tFUcJYuyX1lva3HPuYz2Mw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3C81 31 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:25:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=15703
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Thu, 11 Aug 2022 16:47:10 GMT

GET
H2 200 adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
488 B 20ms
11ms Script
text/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.0ea6592415db7f630eab-video-loader2.1-cr.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 11 Aug 2022 12:25:27 GMT
x-guploader-uploadid: ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2
last-modified: Thu, 14 May 2020 13:22:36 GMT
server: UploadServer
etag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 2
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 11 Aug 2022 12:55:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3C81 284 B
536 B 53ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 58ms
57ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvMEhD3d7KKkaA_m0yopaLphYG6VLP2ZcUZUYYJ0ps_kvqjRaczbct4MbL6FacXDXEoZnk6SpbtoprWeIsdDtBqa3JLAqBQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9902
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "a4209a7b3572c977ba0c2af22d901936"
vary: Accept-Encoding
x-goog-hash: crc32c=aQ+pWw==, md5=pCCaezVyyXe6DCryLZAZNg==
x-goog-generation: 1659879239099872
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9902
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 92ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6lU0,pingTime:-10,time:997,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660220726959%7C%7Ce4fd95aba40a454f4dfe613cfbfaf7ac%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C7c538cf3e60e26d0533d6416d6f65ba8%7C%7C944eb3746e8f886d858c25589223f804%7C%7Cc5ed3299ac3d456a84ff65e4537a4f18%7C%7Cbb81059aebd1bee1201ed64e72752c20%7C%7C2155bf898f39ec7e1d68fea894e4ae01%7C%7C1629390669,sca:%7Bspg:b31bde78-a40b-539b-97a1-611958f46d94%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 852C 387 KB
110 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvCZwRGdTjbQjZ3NA15qBf6D_dlN5UXmXTEAzGyHSfceexCt3zYl9yrCMI65HCk9tvYolkfDxCyRPMvOPdYkLDBLQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111956
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "903f07ee74bf08435b31bae7c312f6d2"
vary: Accept-Encoding
x-goog-hash: crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation: 1659879239099576
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111956
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B683 0
0 51ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=3056241058495095&bg=!lpWlldHNAAa4hXTbmIU7ACkAdvg8WucBYIrGAVjLzhhWAEBzLT8Ku9fXqxGn1xlylQPci0xFRFB-XwIAAALCUgAAAAJoAQeZAvMgcDo29gYI30K-dkwKK6z-FXow4-7jcK8viBpZX1n7JFlCJejE0iEkv49QZ5ghQ3A-E3dwH6XpSjEd-Hg_hkqjgpj1izEM78rf8-NFSOcuoV6R0chjhWBTPDiSB0ZhwyEE9rIRCMdEWHuMImxpSsc0LoeVkJYVcGMj9i9snqoiU2v3mN9lrRHeal8DkoqgeAzk--c6EaT4vWHYaZfolDYdSlDYrLqMQPSf13ah6mZjBF_9RE70VcEvKdhyXOekqdpRsXl2Kpb6JinhD0bK_psGPZVLD9W6zw2Lz2Dg-MCsqD_9m1ngb8Df0HEoXjHRYmz62KGN7v_1hPouF4mTBWoPXCVEOK9kJVNNg0yHNu2zKX45yeSgpXwHgLfB2fqaHIiyO39cw7caryLxTJPVfgjHaWUd8qhcvNDkR4tez0gqpPf4cVB58SZhJNZgtCI30-sub_n3-aZuu7HcBE9ERyNkg33rTeoT0ULKs4W11-Bdip6unq4LoLo8NKGLXD07r8wqenievKPRbTV0KlrdFMeQb0Unv0ZGsn-EDzeStiPkNz-qPksTKk3G5itBa_kXQ5xSViOYU9JL94rra4z9kBKHgjMQ67BU1zeUC0hlqftnaM6zMUJKtBQ-RJD4Werz7DsLm62Q2zAPSqAtyQ4BeMzWBa49U9Tb3xHclRgV1NkF0JpHoySUW4T4go7B1_dba6RQYUZKtHNL8BO5cPV8w59zlurpJcCpO7COABxSg_dWq5deSLBZzAmNyQ4GZKMmsVlJFZwRZ8IwB74zIg0-0GZjnDfyS_aWtuIYHXmpT7O_B9Zi_7mLeoLHRfH-lkKsyxpRACMXCRWnI0h-LMNGt-p_uVp2xY-seMs8S0VIKGLL0KPbOGKbGs7MVBu_UAez3U5iFkyZNSUWDOZ0if92FcyO0MY05a32CvkhcwMFTM51s-OAUuCSs93JtnvrVdi0jgqERJeTx1o8W_xebsJa6phqnUJax3uwOoUMDmDwFdhpzcVsMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
95ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=eaug_rakshabandhan_remail&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=3dac444e-5e3a-4522-86fe-8bfee6b6ba11&rando=36&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1660220727372
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 27 KB
5 KB 136ms
135ms XHR
application/json 3.224.43.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source&AV_SUBID=eaug_rakshabandhan_remail&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.2.41&responsive=1&sver=2&avtoken=727371&omv=1.0.1&clsid=3dac444e-5e3a-4522-86fe-8bfee6b6ba11&rando=36&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1660220727395&AV_C_USER_ID=1660220725678-940947081206-007145-012-005154
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.43.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-43-174.compute-1.amazonaws.com
Software: /
Resource Hash: 76dfacfccf206b566f6ef2ad234073f132b1ffbef2c90590d987a01867250464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 30 Jul 2022 22:38:47 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 180ms
180ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 30C2
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D55%26key%3D%24UID
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=55&key=8309373056538263495

0
216 B

303ms
97ms

Document
text/plain

100.25.172.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=55&key=8309373056538263495
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.172.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-172-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT

Redirect headers

AN-X-Request-Uuid: c5199d73-e8bc-41e2-81a7-43ca0a2fde39
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Aug 2022 12:25:27 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=55&key=8309373056538263495
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 10E0 0
0 68ms
17ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:27 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 09B4 0
0 47ms
13ms Document
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Thu, 11 Aug 2022 12:25:27 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A65E
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1660220725678-940947081206-007145-012-005154&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-0...
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=3&key=GDPR

0
193 B

97ms
97ms

Document
text/plain

100.25.172.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=3&key=GDPR
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.172.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-172-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.123greetings.com/
age: 0
content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=3&key=GDPR
server: nginx
via: 1.1 varnish
x-varnish: 7547448

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 72D3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=200&key=OPTOUT

0
198 B

288ms
98ms

Document
text/plain

100.25.172.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.172.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-172-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Thu, 11 Aug 2022 12:25:27 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=200&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 3624
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660220725678-940947081206-007145-012-005154%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=56&pid=59c9148628a0612da3689288&key=1c923b83-5e38-4930-baf0-9c0eea54ca8c

0
237 B

289ms
99ms

Document
text/plain

100.25.172.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=56&pid=59c9148628a0612da3689288&key=1c923b83-5e38-4930-baf0-9c0eea54ca8c
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.172.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-172-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7390f43b6ba868e9-FRA
content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://sync.aniview.com/cookiesyncendpoint?auid=1660220725678-940947081206-007145-012-005154&biddername=56&pid=59c9148628a0612da3689288&key=1c923b83-5e38-4930-baf0-9c0eea54ca8c
server: cloudflare

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 852C 178 KB
54 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvNTaLMxw2N6EgSmzqLD2A5j3PUaLSy6Cil2HnG5Rf80hoKAMSFO6l2cx478bau0FgGdyk-UFJgbYeBxZ3F1KeGVmn4LbJ8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Sun, 07 Aug 2022 13:33:59 GMT
server: UploadServer
etag: "4ecda2f032d9e44c338b378388b06251"
vary: Accept-Encoding
x-goog-hash: crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation: 1659879239799693
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H2 200 avpb6.27.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 852C 73 KB
25 KB 10ms
10ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds4ZBAusWIm2FHJP6nMvQlYFYRoHIs6jWJeu-JQWsWjMtQuohRebRCggdKLNlE8x8Tz9OgZWqza2L1jAcr9ws62XFw2QdCf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 24663
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "d5b1db6426eefd06f3020f82c67c78bb"
vary: Accept-Encoding
x-goog-hash: crc32c=ssQAQw==, md5=1bHbZCbu/QbzAg+Cxnx4uw==
x-goog-generation: 1659879239877609
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 24663
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 852C 71 KB
22 KB 12ms
12ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdudQuxd9AUwsDrPIbVBA-awfrpeAzcn4ZkShHlHBEHjNXomkJQn8sHn72kdsyE_lQOnLTJCJvdNYX7FTjqpA3QJ_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "2ae737f175c0550382b15b7d6f5922f5"
vary: Accept-Encoding
x-goog-hash: crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation: 1659879239872223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H2 200 avpb6.27.0a3.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 852C 66 KB
20 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdta9rOuHSn7A7cK2bZs6Asv_lJCG0saijLCg7P0P--zhY3w3Uh4WQWobOASP52PoGuy6jkdivcAh-FLTy-vz4ReS-Xsb-C7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20155
last-modified: Sun, 07 Aug 2022 13:34:00 GMT
server: UploadServer
etag: "02663a187046d2c733ab719bf1acb66d"
vary: Accept-Encoding
x-goog-hash: crc32c=hd0u7A==, md5=AmY6GHBG0sczq3Gb8ay2bQ==
x-goog-generation: 1659879239908588
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20155
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 12:30:27 GMT

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ 240 B
481 B 120ms
98ms Fetch
text/xml 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969558018080038b3c07fe379f0081&pos=8a969558018080038b3c07ff3c3d0083&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=338&wd=600&reserve=4.8&req(url)=123greetings.com&schain=1.0,1!avantisvideo.com,8079,1,,,!aniview.com,59918a0e073ef4782e4e347f,1,,,&cbb=220727548&imp_id=7cf10d8f-9f56-4c89-b534-68d13a6dc487
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
server: ATS/9.1.10.25
age: 0
access-control-allow-methods: GET,POST
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: X-Nexage-AdTid
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 240
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 33 KB
19 KB 200ms
199ms Fetch
application/xml 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source&us_privacy=1---&cbb=220727551&imp_id=7cf10d8f-9f56-4c89-b534-68d13a6dc487

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2ff85c00c993c4622764a9da65586b838f877635c31e26a5cf8a62fd119be19a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:25:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7d0c64b8-56c7-41a8-a22f-0f77c5d46f69
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=33988&t=1660220727&cip=178.162.209.132&sn=eaug_rakshabandhan_remail&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=60879125157&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1660220727552&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C628b7da850e97943a83f7d3b%2C626a7b5c1576bc4c20574e49%2C62b86e392f65d47a516f6f3b%2C62d3f4e0d8665b0ec66c9327%2C5e9030afdc817965520eb855%2C626a7b7bc98a5f17f9370c17%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342&ofpr=%2C%2C1.3%2C0.35%2C0.2%2C0.2%2C%2C0.15%2C0.13%2C0.12&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 95ms
95ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=33988&t=1660220727&cip=178.162.209.132&sn=eaug_rakshabandhan_remail&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=60879125157&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=request&cb=1660220727553&asid=62b1a8beecf705053613baa5%2C62a704a4e22df13bef59f407%2C6252bf57e35a4e32222ec526&ofpr=%2C%2C4&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D81 0
0 52ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=1729891198437744&bg=!R0SlRADNAAa4hXTbmIU7ACkAdvg8WgfcoKoRVlor6fkBqaqTQz0ct6AwN1rVepvydXoTAvpPiXL5GwIAAAC3UgAAAAJoAQeZAu-c2Ntg5YaSqukIqawq4vNxuG34HDKitoA2AGAYLcFKRfzakmhTZcc4o1XBw8ruR8lwFeU5CseSmWKc08vEZpmRa1RbUsnFL-id4jSVdldKbUL7v2dcvDQyrD27JY22PnUMwVmbZwJkx1xP4IYIuFYLWOOCe5I37la4gVptF2PhiMUk1_HAfFUzEfQeygJa77Z1T9_nIKI-TX-ZKnvEHFYvGtxuHZ0LEAOil6rVRMy1ChBHXD8P7QE6SSA0_euOqpDhaEmw3-NMGNgcbAJ8UDCFl5vQPRgZSBal0wA-iFEDAy2Rwn9Q8S0wcwhnMzd3_7ukCH9LcW8HmAE1jFZ1lUo0sU7cwmnTM0Fc72OLOVEDm_x80VIgxfDWMc8mHy1X8-mVoAAti0UkHW-RUOYQNLCF14skRN23JH7a297TDOYljJR8To4lqK5yORvaaAfcSFQz3dsFmb73LHlHLhkTESuVpy5p-9_T_KSat2jJQcwSEKR_ZpPYmYYvICkzL04tFyTfESbAsb0zoNiIRGOzRcJjDxM8Vy4Dp9lJXMGQM-_5vzKxdtnZTVC_zWKaDCATPC6PfpQnm8JktaNvTZSomgpPHNUNpyUa7jh3iwWHbGM87bd5rUeeana8OyT2V1WvmgTutIdzeSznl4zAFFRV7N3JJgiYqNf-eaILKTrEKHDuJfcO548-FeKZmWXfqSBMy8XzZ_DQzUT-JcmdjdIKj27S6ZgTECjeaDD56TbvlC_gH1Hu1_t8wZcqRyza6uq-3mAuIRXmWfvHaffFQkD9L3K4ux2BeM9Hi6xC8UmcXXNxkOgAe6bzFTh2Os3yuq71kUgWE6UpcdGUiHpJ_PZHuJHb4ebEgFgyN1hJfQKr46K5-LIcwOUjAxQ7U_nujL2rRNXbiyivz7wkP0Wx0GR6oG-9tvdAcK7cjVICP4cvBVHfSxYMRAEjRMIKAVzM79v3u_xrVQbJ2D95n-RHXBbqijE-4zBynLVMJdnbfs5A4T4s
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 9ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.123greetings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 11 Aug 2022 12:25:27 GMT
server: ATS/9.1.10.25

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
646 B 66ms
42ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217503ce4055514%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225a5105b8d294c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B600%2C338%5D%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.12%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3d1943e1f4846981521912092fa82e66a7da1856583892e3883c9e082ea661

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS190%2BRTPIWTSlg4T3uAPFe2p%2BRoiZQzZx1%2BQZhbPuRITnAyP4GdxsI%2FV0hS2YH0GluY9RpGVRIQPZXymLEPkatccm5eswsbu3Id72HEL4gp8iZPzJ%2Fwt8LD0TRhW4F4C%2Bvk8j%2F1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7390f43b9f309be2-FRA
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
410 B 11ms
9ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a02a5f9c0c416e227068c57b7fbdff5ffae07e526eda8c162d2aea280891abe8

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
413 B 11ms
11ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3a65b9a882bed44ad92ae80685376add43d876b801508faf8c38dbb201187c4b

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H2 403 tag Show response
p4dt2-ha1hf.ads.tremorhub.com/ad/ 949 B
1 KB 314ms
106ms XHR
text/html 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=3a7fcd1c-074b-46c6-8359-f0cfc18dd47d&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&hb=1&fmt=json
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:6ea2:7e37:6642:1ce8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 12:25:27 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language: en
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-tremorvideo-status: REJECTED_SUPPLY_DOMAIN
content-type: text/html;charset=utf-8
content-length: 949

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
412 B 10ms
9ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 93857e76705a5ed56b886f65cd99d86beb656c85d0125c8d46be6ac4eb4cd245

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:27 GMT
content-encoding: gzip
x-prebid: pbs-java/1.96.0
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 115ms
114ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bc124435f33f02919f9354e53597a289d24facf4bba05cb1aea2046ef7aada37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:27 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 07146f4d-9ac5-4771-8a8c-fd75537f5e94
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
19 B 103ms
103ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Thu, 11 Aug 2022 12:25:27 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 15ms
15ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.123greetings.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=33988&t=1660220727&cip=178.162.209.132&sn=eaug_rakshabandhan_remail&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=60879125157&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1660220727938&asid=60e594da4123720f2e250d24%2C6102687900a33569ec0d3097%2C5e9030afdc817965520eb855&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 95ms
95ms Image
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=33988&t=1660220727&cip=178.162.209.132&sn=eaug_rakshabandhan_remail&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=60879125157&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&copid=59918a0e073ef4782e4e347f&nid=59c9148628a0612da3689288&cocid=5e8b3e740cd6ad6132403f66&ncid=6252cd490f4ad400b27f24ae&coasid=628cec03ef40666330025114&e=bid&cb=1660220727938&asid=62b1a8beecf705053613baa5&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 180ms
179ms Ping
text/plain 44.224.187.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT

GET
H/1.1 200
OK anwrapper-1.1006.0.js Show response
acdn.adnxs-simple.com/vx/static/w/ Frame BBDD 174 KB
50 KB 37ms
7ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.1006.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5091dcc281c0f1b55c61c40aa4cf2ad40a407882bfccee8c345b5c3529a2fce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 12:25:28 GMT
Content-Encoding: gzip
Age: 15796177
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 50704
X-Served-By: cache-lga21968-LGA, cache-fra19179-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 09 Feb 2022 16:27:22 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1660220728.039496,VS0,VE0
ETag: W/"6203eb6a-2b93c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Feb 2023 16:35:49 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 172551

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 733E 3 KB
2 KB 7ms
7ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Aug 2022 12:25:28 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame A5B1 0
0 15ms
15ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660220727613

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7E74 52 KB
17 KB 26ms
8ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.123greetings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 27842
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 11 Aug 2022 12:25:28 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 250558
X-Served-By: cache-lga21944-LGA, cache-fra19144-FRA
X-Timer: S1660220728.481832,VS0,VE0

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 7E7B 2 KB
2 KB 62ms
49ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923aa9c1832d42685c1f1383ec48cc612bc3439cacb1b2bb21b1b6fafe61b8d5

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7390f4413e218fef-FRA
content-encoding: br
content-type: text/html
date: Thu, 11 Aug 2022 12:25:28 GMT
dropped-udsids: 73|206|4|88|46|47|230|24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTJmOzemgaY3QoG9eJBmtFCryR7p5EpGtw3fDUPfdf9jRZDRp%2Flknumfi%2B3oJZLdWfkiJJ1xw9VW8m76LXPgXeIjdvVvdxKm3YlhIF%2Ff%2B9A6MiWPhZdvIARktvm4rBfWQnYSJhaz%2F3T7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 91ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6mdV,pingTime:1,time:2295,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1018,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1269~0,0~100%5D,as:%5B1269~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:111,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 92ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6mdV,pingTime:1,time:2295,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1018,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1269~0,0~100%5D,as:%5B1269~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:111,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E74 0
747 B 43ms
43ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:28 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9352e6a0-e5e6-4c30-a1ef-c9750d79be65
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 YvT1NGN4jufFrRNzBtztGQAABIwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7E7B 43 B
989 B 114ms
38ms Image
image/gif 2a05:d018:d29:3601:2eab:9250:340e:ef2b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YvT1NGN4jufFrRNzBtztGQAABIwAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:2eab:9250:340e:ef2b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 7E7B 0
38 B 11ms
10ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E7B
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6956394433612229920

43 B
911 B

22ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6956394433612229920
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f4428bda9a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJdpocyPSjDpuB0NqhyOPdhHlWJsWB1O7pw2C6ufZYR3Dffj0PCie1%2Fe2DDH%2F1Mfgiws0LQZ9LQrsi5n%2BpGxpmm%2FzXGAg6GG0pTSfCWXP2vrkMr2H6qzfaboXbGH2Dpb2eP%2FWw%2FKiv7atQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6956394433612229920
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E7B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YvT1OAAFot7OzQAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvT1OAAFot7OzQAK&gdpr=1&_test=YvT1OAAFot7OzQAK

43 B
907 B

22ms
21ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvT1OAAFot7OzQAK&gdpr=1&_test=YvT1OAAFot7OzQAK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f4430cb79a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky4bs9WjUfJrhueskQJgCHCthk77egUZZiNTV4EKOZtF9AYZ9ejNtROD0%2BBPWWVD19ZcF91DmtPURKCGH73Dg2FRLOiiWjvTNX8Ez4T3%2FY1eP43KzAfZwy34eO1a3C1ciXt4F52potWC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660220729.792976,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvT1OAAFot7OzQAK&gdpr=1&_test=YvT1OAAFot7OzQAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 7E7B 0
0 16ms
14ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7E7B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0Z7UEXkY1Om7fG5&gdpr=1

43 B
910 B

23ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0Z7UEXkY1Om7fG5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7390f4426bb49a1b-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBiS96NGg169PwJlN9GeirDl3IOZrxS3WKV4IKFO2UwdRdAd7q%2FVNdeEd%2FpOvS4sLeWlMMQHlWDuTQHP0GQEPQTQBhTTnZTMLnll%2F8tzBlg91TBmhKMaWDO5es%2FdBr5143XQKwPPgnZnLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:27 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0Z7UEXkY1Om7fG5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7E7B 170 B
188 B 24ms
23ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvT1NGN4jufFrRNzBtztGQAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E7B
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1c923b83-5e38-4930-baf0-9c0eea54ca8c&us_privacy=null&gdpr_consent=null&gdpr=1

43 B
566 B

26ms
25ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1c923b83-5e38-4930-baf0-9c0eea54ca8c&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIqoK5kucSMiRLTGF9zTQmwFNxKhs0gTdjAz7Mz%2FQeNIVBMzWpEevf4NRVrc2SKHG4e0G4%2BEQ8OPl%2BaHJRLaNDAf%2F8Ji%2BC86CMINynWjkTuf%2BwmGA%2FcYaFmEH9kvkp65gktF4JXIS3WKsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 7390f4423b589a1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1c923b83-5e38-4930-baf0-9c0eea54ca8c&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray: 7390f441fafe6949-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 7E7B 43 B
154 B 13ms
12ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YvT1NGN4jufFrRNzBtztGQAA%261164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.123greetings.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:25:28 GMT
cf-cache-status: HIT
age: 294
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7390f441ed705c38-FRA
expires: Thu, 11 Aug 2022 16:25:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 92ms
91ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6mfN,pingTime:1,time:2348,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1028,o:1320,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1315~0,0~100%5D,as:%5B1315~300.250%5D%7D%7D,%7Bsl:i,t:1320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~100%5D,as:%5B1027~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6mfN,pingTime:1,time:2348,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1028,o:1320,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1315~0,0~100%5D,as:%5B1315~300.250%5D%7D%7D,%7Bsl:i,t:1320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~100%5D,as:%5B1027~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:28 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220728788&oz_l=106&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E74 0
747 B 15ms
14ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 12:25:29 GMT
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 32d31ff7-3a9c-40c6-ab24-69b00f17f9f1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 300ms
100ms XHR
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=835eea5d-0168-448d-8df8-305f24a0407a&rando=44
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=611eda6c0903a33c051dbc64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 12:25:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 100ms
100ms XHR
text/plain 54.146.17.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=33988&t=1660220727&cip=178.162.209.132&sn=eaug_rakshabandhan_remail&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1660220725678-940947081206-007145-012-005154&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=60879125157&d39=&d65=&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.17.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-17-63.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 12:25:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6ngb,pingTime:5,time:6279,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1269~0,0~100%5D,as:%5B1269~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:32 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AE4F 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=b31bde78-a40b-539b-97a1-611958f46d94&tv=%7Bc:kZ6ngc,pingTime:5,time:6280,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:34%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5003,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1269~0,0~100%5D,as:%5B1269~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a*.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1b.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:32 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6nhS,pingTime:5,time:6321,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1320,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1315~0,0~100%5D,as:%5B1315~300.250%5D%7D%7D,%7Bsl:i,t:1320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:32 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5950 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1058643&asId=11e54c48-2ea9-8ecc-d68a-25d224bbf6d4&tv=%7Bc:kZ6nhT,pingTime:5,time:6322,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D,%7Bpiv:100,vs:i,r:,t:1321%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1320,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1315~0,0~100%5D,as:%5B1315~300.250%5D%7D%7D,%7Bsl:i,t:1320,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tecIYp2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C19%7C1a.1058643-63502831%7C1a1%7C1a2%7C1a31%7C1a4%7C1b*.1058643-63502831%7C1b1%7C1b2%7C1b31%7C1c1%7C1c211%7C1c31%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1f2%7C1g1%7C1g21%7C1g3%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m1%7C1m21%7C1m3%7C1n,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1091:fbc9:1a70:b37a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 12:25:32 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK postback Show response
s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/ 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gk.123greetings.com/2/2.66.1/945541/AXGCnAcOEeOlBzU1/postback?dt=9455411658248091559000&pd=mkt&mo=0&si=main&ci=945541&sid=AXGCnAcOEeOlBzU1&oz_sc=8dcaa08b84d5e032b4f0df19&oz_df=1660220732774&oz_l=327&cv=3
Requested by: Host: s.gk.123greetings.com
URL: https://s.gk.123greetings.com/2/2.66.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 12:25:32 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.123greetings.com/	1969-12-31 23:59:59	Name: utm_source Value: eaug_rakshabandhan_remail
.123greetings.com/	1970-01-20 14:46:20	Name: _ga_47Q5QDHYDP Value: GS1.1.1660220722.1.0.1660220722.0
www.123greetings.com/	1970-01-20 05:10:21	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=0
.123greetings.com/	1970-01-20 14:46:20	Name: _ga Value: GA1.2.1541243993.1660220723
.123greetings.com/	1970-01-20 05:11:47	Name: _gid Value: GA1.2.1963840282.1660220723
.123greetings.com/	1970-01-20 05:10:20	Name: _gat_gtag_UA_5085183_1 Value: 1
.trkn.us/	1970-01-20 13:55:56	Name: barometric[cuid] Value: cuid_14953b6a-307f-40eb-b353-2bbd4b02f92e
.doubleclick.net/	1970-01-20 14:31:56	Name: IDE Value: AHWqTUmnOjWXsoaX484Cdk7HFsU6YnwOoHC_QMAn_kVvC9lOJIHzrB7WQWrHwC7qqEI
.doubleclick.net/	1970-01-20 05:10:24	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 13:55:56	Name: CMID Value: YvT1NGN4jufFrRNzBtztGQAA
.casalemedia.com/	1970-01-20 07:19:56	Name: CMPS Value: 1164
.casalemedia.com/	1970-01-20 07:19:56	Name: CMPRO Value: 1164
.adnxs.com/	1970-01-20 07:19:56	Name: uuid2 Value: 8309373056538263495
.123greetings.com/	1970-01-20 14:31:56	Name: __gads Value: ID=c1d1666fad14869f-2204ced8edcd00b4:T=1660220723:RT=1660220724:S=ALNI_MYr3f8BfQ-q0PcVShDHc-x5BF9qsw
.123greetings.com/	1969-12-31 23:59:59	Name: cnFbAtkn Value:
www.123greetings.com/	1970-01-20 05:53:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.spotxchange.com/	1970-01-20 13:55:56	Name: audience Value: adeb92bb-1970-11ed-a0ad-14c817940006
.acuityplatform.com/	1970-01-20 13:55:56	Name: auid Value: 685542860499
.acuityplatform.com/	1970-01-20 13:55:56	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQSMbXWismGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUEjG11orI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.mathtag.com/	1970-01-20 14:36:15	Name: uuid Value: 890762f4-f536-4b00-ad5e-9c34cb54595c
.csync.loopme.me/	1970-01-20 07:22:49	Name: viewer_token Value: 1c923b83-5e38-4930-baf0-9c0eea54ca8c
.adnxs.com/	1970-01-20 07:19:56	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2In3g7B6k!oApge(jRIZ<`K6?.i-LlAfp5k`aM$]A/ZMmuX#[[8U)pf5h>b_k-9D-BYtjKze!_6-zQEVk`!%[=zdBoU=
.adnxs.com/	1970-01-20 07:19:56	Name: icu Value: ChgI_a5rEAoYASABKAEwt-rTlwY4AUABSAEQt-rTlwYYAA..
.technoratimedia.com/	1970-01-20 14:46:20	Name: tads_uid Value: GDPR
.aniview.com/	1970-01-20 05:11:47	Name: 2_C_55 Value: 8309373056538263495
sync.aniview.com/	1970-01-20 05:11:47	Name: 2_C_55 Value: 8309373056538263495
.aniview.com/	1970-01-20 05:11:47	Name: 2_C_200 Value: OPTOUT
sync.aniview.com/	1970-01-20 05:11:47	Name: 2_C_200 Value: OPTOUT
.aniview.com/	1970-01-20 05:11:47	Name: 2_C_56 Value: 1c923b83-5e38-4930-baf0-9c0eea54ca8c
sync.aniview.com/	1970-01-20 05:11:47	Name: 2_C_56 Value: 1c923b83-5e38-4930-baf0-9c0eea54ca8c
.aniview.com/	1970-01-20 05:11:47	Name: 2_C_3 Value: GDPR
sync.aniview.com/	1970-01-20 05:11:47	Name: 2_C_3 Value: GDPR
.casalemedia.com/	1970-01-20 05:11:47	Name: CMST Value: YvT1NmL09TgA
.casalemedia.com/	1970-01-20 13:55:56	Name: CMRUM3 Value: 2762f4f5360b40&1862f4f53805a0&2d62f4f53505a0CAESECMGnxlVPcbX4o7kixzA0B8&2e62f4f53805a0&4962f4f53805a0&9c62f4f53605a00&2f62f4f53805a0&0362f4f5362760890762f4-f536-4b00-ad5e-9c34cb54595c&e662f4f5382760&5862f4f53805a0&0d62f4f53605a0&ce62f4f53805a0&0a62f4f5362760685542860499&f162f4f53605a0&0462f4f53805a0
.w55c.net/	1970-01-20 14:40:35	Name: wfivefivec Value: 0Z7UEXkY1Om7fG5
.w55c.net/	1970-01-20 05:53:32	Name: matchcasale Value: 5
.turn.com/	1970-01-20 09:29:32	Name: uid Value: 6956394433612229920
.yahoo.com/	1970-01-20 13:56:18	Name: A3 Value: d=AQABBDj19GICEGLQs_tFlhheeaZfPa23dZkFEgEBAQFG9mL-YgAAAAAA_eMAAA&S=AQAAAndFNSNV4lsQCkdQGDfFePw
.everesttech.net/	1970-01-20 13:55:56	Name: everest_g_v2 Value: g_surferid~YvT1OAAFot7OzQAK
.casalemedia.com/	1970-01-20 07:19:56	Name: CMTS Value: 1169

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300 Message: Mixed Content: The page at 'blob:https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300 Message: Mixed Content: The page at 'blob:https://www.123greetings.com/1a9fdc5a-a7c4-48e8-bcef-97ea89848300' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16812334555823494425/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530241&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660220724384&bpp=17&bdt=115&idt=250&shv=r20220809&mjsv=m202208040101&ptt=5&saldr=sa&cookie=ID%3Dc1d1666fad14869f%3AT%3D1660220723%3AS%3DALNI_MZvW1bNoWMMP-mkoYvIRmOcQW2CsQ&correlator=2322548928101&frm=23&ife=4&pv=2&ga_vid=1541243993.1660220723&ga_sid=1660220725&ga_hid=1325080363&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=1870&biw=1600&bih=1200&isw=300&ish=250&ifk=3418456626&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44766069&oid=2&pvsid=1729891198437744&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.en1a50ncfapc&btvi=1&fsb=1&dtd=265 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16812334555823494425/index.html".
network	error	URL: https://www.123greetings.com/events/rakshabandhan/happy/ads.pubmatic.com/AdServer/js/pwt/157512/4157 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://p4dt2-ha1hf.ads.tremorhub.com/ad/tag?adCode=p4dt2-3dhcf&playerWidth=600&playerHeight=338&srcPageUrl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&supplyCode=p4dt2-ha1hf&mediaId=VideoId&schain=1.0,1!avantisvideo.com,8079,1,,,!spotim.market,isp_avantis,1,,,&transactionId=3a7fcd1c-074b-46c6-8359-f0cfc18dd47d&floor=USD:0.2&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Frakshabandhan%2Fhappy%2F%3Futm_source%3Deaug_rakshabandhan_remail&hb=1&fmt=json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

259aebd2a02cde61d4474d1d17dbdf0b.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
avm.avantisvideo.com
bttrack.com
c.123g.us
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.indexww.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
csync.loopme.me
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
events1.avantisvideo.com
fonts.googleapis.com
fw.adsafeprotected.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
onetag-sys.com
p4dt2-ha1hf.ads.tremorhub.com
pagead2.googlesyndication.com
partner.googleadservices.com
play.aniview.com
play.selectmedia.asia
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
region1.google-analytics.com
s.amazon-adsystem.com
s.gk.123greetings.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.avantisvideo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
sync.technoratimedia.com
tg1.selectmedia.asia
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
web.ssp.yahoo.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
100.25.172.242
104.111.242.245
104.18.18.126
104.18.19.126
13.248.245.213
132.226.63.138
142.250.184.194
142.250.185.130
142.250.185.194
151.101.129.108
151.101.194.49
154.59.122.79
174.129.142.216
18.203.96.5
184.72.245.68
185.183.112.148
185.29.134.248
185.89.210.101
185.89.210.244
185.94.180.124
185.94.180.125
192.132.33.46
198.47.127.19
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.19.147.44
23.205.235.133
23.35.236.201
23.35.236.247
2600:1f18:1aca:4280:1091:fbc9:1a70:b37a
2600:1f18:612b:4216:6ea2:7e37:6642:1ce8
2600:9000:2057:4400:1c:38a0:8a40:93a1
2600:9000:2057:e600:3:748e:7940:93a1
2600:9000:214f:2600:8:48e:53c0:93a1
2600:9000:214f:e600:8:9ed9:9c40:93a1
2606:4700::6812:d4c
2606:4700::6813:ad6c
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6805
2a02:26f0:3500:c::5c7b:6843
2a02:fa8:8806:20::2100
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:2eab:9250:340e:ef2b
3.121.203.249
3.126.56.137
3.224.43.174
3.65.16.214
34.98.64.218
35.157.246.167
37.157.3.29
44.224.187.254
51.38.120.206
52.223.40.198
52.32.39.185
52.46.128.147
54.146.17.63
54.93.60.116
65.9.71.118
67.27.158.124
67.27.233.252
69.173.144.139
72.251.249.13
00479dd21eacd546f50356a00567379c26bac239d3050dad0c5e4630f75ea189
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01284e35609034c53df8fb7d0137434c3464526fa03cd88b0133e9f845ddf2ca
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076eb23028e56611bf8e65c6d4b8cc5cf91fcb6b748b99ae52b5a6d89022c109
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0ae74371a872da00743b4c907dc6b5ea22377f13ede1ac75055a55f50676dba8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8d1c35332c3cfc08e0cf7e780a4761eece6091967e78fd9adfb8559675840c
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
13d4667177bf9777b7d9a0ce216beb8f877f4836ae8e234e689547abcbad7837
1627bb40c520719b5b5a219b77c331ffa3eab5b02ece720225d29fcd164db5ad
1802988d268b823443234e406cdaba4079f0e8dc09e228feca16380f9cf695fb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186456f68e798b6aeb8c250949d5568673a796257bfbb9ca6744c2c00d78c324
1a8c1098da00214f01e129caa2de55778552b27b6a4e5634ec425addb2893ef1
1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6
1b0cb248f6ba59a86d8308ac01183acf6b5f930c7a5a3422ba184dd588ff989c
1c3d1943e1f4846981521912092fa82e66a7da1856583892e3883c9e082ea661
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1d082d5e10b0651f7d5615499190306f7f4246e275cbe4eecdf81ec6d49c797f
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
233066a9c20261bbb32b49cc70104dc9e18a9ba13279c97c53cc7c08572fb76b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23dc04ce283fb7ab656d112b55f2d8d9d3f37eb8698e1defefc95c4ece328dd8
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
244ee144885993515408a2f2101b8ec44dc88ce521740f627692c385e20baee5
254d41d323b97e21b036ccf367f7dc18d8ea96daaf756167bac6f0ebbf8fbcd1
27236de3489dacea5703d5815368d5dd11ea9c958789198d9f82a3f03e93aeba
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
284763af898a7a61048ae18290de8a703804e96b8c080ff0ce5d16f139a9d941
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2ff85c00c993c4622764a9da65586b838f877635c31e26a5cf8a62fd119be19a
317ef126b8fac157c92ae481db0bfac6e267a6fc3f50eba8b440acf723b1d725
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33207345cd83120dd0383018867718a80efe05ac733f63b9620869b8576c03b9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36f3a48ad54be496071f9e37458a8173b3c82fb1640cb641764eeed366714157
3a65b9a882bed44ad92ae80685376add43d876b801508faf8c38dbb201187c4b
3ba2c48a90ae2f9ca648961a99f72be28b559eddb7ed6a7250431af234a4bde9
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3cd70e1897e4743d146d043ee6dbea927500532062393d68947656705b0dd90f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dbde5df2009cf11c8b76710fe8380ff2077be63ac113599bf0e932d8de59319
3e48d8c8d68b0d385f02e56669e65cfa52a0275aff7a4c33cd4a7c63c5182cc1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d6129785c645085d6beb6f2edeaa34035ba879253da057553a4bee511f897c
4123a16cd6aa4c2271c9b4f3e4371842e49bfa122369114498802a559e293ecd
41c7f77cb564e20029d53084a16a3f1ba3da49f2d2c08c610584a5020dc9aaf4
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
43bd07362020d248f48672a14f31b12c307912439d6d1de415e041b04bd9fb4d
43f38d925b0518dd4f46592b14ce21fc0c3beb43d7f61e25d03e93d3a585a281
45ef428da6c398a1ad20d0dd43f98e0e3f1cf45fd871263af1eaf4951a85131d
463e45b8a1543eebd7a7904db6c08cf8d6974470163b2047c7dd6d8a24cfa85e
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4910f09396f1d69b6c6e8cae9725987d1a546935b33b8176f251956991226fa9
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49923770dbf6a444bd9c607852646ccfb3b420c0f1cf5d1a8f27d165d33850e8
4aff5256b915e992c1b2d3a70e5feeb7e3d1af2948d731b27b5a35afc40f6c72
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e98b5e6f19043672b522fe5301f1c0c83e5e7cf900d64c8505087e34e8c0891
4f365f1c904e6d1176c4fb5d0968b97f5935921500f5419b9339c5a8a8a1def4
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5091dcc281c0f1b55c61c40aa4cf2ad40a407882bfccee8c345b5c3529a2fce5
51c341c56d3a7ebc2c196900b581422649e0e6501b706e0a49e4b6609c5a188c
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
53e8db73a690697741c35fe6f4d08f03be4a278cb7ba3507b54832c77a520197
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5767a39af793e2c8f31fe787217661ca8471c780ba9764a4a508f7fe807f1e9d
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d234e3bed43c6a189cabf165344e8d3c4eb607a65424a931aaf567f83bb1189
5e4154a94be3d0c84dad8123bce099da9ab83cdf6b482c2fe9208176682e20ce
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397
615dc2fa7c0ce95f86b4a3648efb146118aa0e02271890e8ff1b322ceb6cc871
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62aad9438c4874c2dd548bd74ed584de3840217c95ff7e7feb9285acb9453b58
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66adf84f211a98031ffe507228d09384130c2109aaf86fb981fb8515dc0f330c
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6a26f472970788e1b9638b18961c8932d2c4c400b9d2c258e6c562ca770ba14c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b38496db8d6189eaf0e819f0f01e1bb4ed7d77b0f9344fc38776ff154576708
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f09ff6c7ffceeb5e3fb30c1ac915ff21f7777edd70225fa038b039d32c339c1
6f409cd95c3213ea86a74eff3a0e67e39df7313e181b289af7697c59a8df688a
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
73a8c4643090bc508a479abca9b19393744e21ab711641ee147c2495dfd3d8b9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
74bbc30a37f0d2dbec7a1977236d447fb25e932fd7001e131010cd522540625b
75008e33e394f2cc922d017e94cebdb81a5389dcfa4b808cce8ce778f0fed846
754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193
76dfacfccf206b566f6ef2ad234073f132b1ffbef2c90590d987a01867250464
785625865a3ef35af76cba3f15ef1895925cff6e282d9aec1f20d8482efe30fa
786ad844f6dc885f3f914912e5d9e12bf0e8eb082aa33e71e679d979c0c8384c
78ac667e9f03ea5949e99ffdcebc7462957dea42d99913e243d350692d9221bf
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7ca73da8c1a2ddcee2419b1e2707d596876780dea600f5ae4d580c52f8d35abf
7cd81e871128dfc33594ec41e43ee6398f5a9e6d4fe23e031fbdd7f742abf684
7d3947cda9018d61f94dee7905e3de869292ad8d1039606303c8d4d64a50178d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
807decb584efffdb3e88c2e486706ec4c83fec6d028046277c965987c5446daa
81113214da7b946424bed9da1f2713c0e7280b577feb58cdc17ff672143aced7
8118f9caab521097310cbd5980732e472a431511536759da6a7f475e2f9b1c2b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8c1f875cbee36d6519e995aa22d1b840cebef72b0f0e307da61385918b780a9e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfc5362060c8cd19a78c20279cbf8558c5353b403ad1610f19bb0434b26104b
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
923aa9c1832d42685c1f1383ec48cc612bc3439cacb1b2bb21b1b6fafe61b8d5
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
93857e76705a5ed56b886f65cd99d86beb656c85d0125c8d46be6ac4eb4cd245
94483fa397623f2d91fe4f12811c1be073f7c61f5149c6bdc4c443ab2f1cf809
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550
98adeebe61c6d760fb95ac163b8b41446775d976ae6b2f9b80177db16f5927c9
9a74086f82cb013da72349a9bf62a7f22d9b2fb9f884704d355839c457197cbd
9bf093a27a9dfde94d55e1559d8da31f2105746192aa9aa0ec1e7a2681365627
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02a5f9c0c416e227068c57b7fbdff5ffae07e526eda8c162d2aea280891abe8
a16c7316d996e441e7c4928e613dced78e058484a9f016c6d479a6352aee8440
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64833164c34020f22d5fe3c49467b3fb145e650dae3f7ef62c439e869819601
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a855faee9dbbd5e0e2ea4a1cc34537d7d931c185a272fcff71954a9bbc52458d
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ad629a0adc789df1884b24d2600ae9e746c09e870e2cc75ab0ae55d2bee9191b
aed0221fdf57f8ebfc72bbcf251a01c4eca732d1163931c2e1899c469df973f2
b11045a07e21b5b2d576bc84e26da868e0d3127fb98eafe6bbca871f087d98a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17866a9a6bd7f55bb6a801dd5803ff61e577a5f1e5d5dbba044c30afd3ca45d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b40c49d5412c38f997f71f7e8c9cef5cb90bf5779de7d4c701e85376939d326e
b4232d7975ca4fc1e6188befb8d99540d345e4b1dce5eb4b418bf4e49d4ceb65
b44b2ba17533f2e7a05bcce1f4644f24aad90223ab3d443d7db8179259f78a81
b6b69ba0757b1def6071366796fc763cc84df9c7c3f0a862f2fca906792c54b6
b8d1a6e07ef3405bb00bf4c0e8480fd93e87e955d9f836337f71d89cb802ece6
b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a
baa1a462819193c9dd6352e63c5a8b4eec8228bb4d663b4c4f6bad0335033787
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc124435f33f02919f9354e53597a289d24facf4bba05cb1aea2046ef7aada37
c01cd8d495137487e3e8379abcdf86c956b98d8a13b4124d0c28085cb61d6c01
c091fc80f15b31d2d410b4b034245b637c2dd009882599b681a573af7ff0373d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c28d18e13b70ca6b1bdb12bc179155260442fb8161141d893ded04f093853969
c2902d73f30c8ec93708074331f0452f64d64e7bb4b62ff965aa2e859fee4061
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c5da915eb66395c9788a006a5386c57441a6703c8955eaf8806f15f40b94629b
c6dee0ce11364c6f11ae1bd42d99b8589a2196ab64931045a6f9bd7f80b0c0b5
c7ea034100be07afe86d592616c5741f11ba29528c5feb624f62295bea3cab46
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cee95d7939be6fe4b021522fc3736a8fc0304ce0a0951c35cdf7493c5f7890a8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1fd4a7b5aa78e41c8557fd0e17753aa29e7a5848d20b193e8e1c986e0e20eb3
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d296131da814e68033b8f973cd34aeaf058191c99e1a265b5569d6f7d0074aad
d2c7c0698f63aba670a9e4d63a38b1eb6d2e814fb03e921449ccdd36e2eb8c4f
d37a1d0a9caf1a7ab47cf71e03cb92dbce54797914e91c6ad6bf88dabd0814ca
d55a3b8b5069b05e8fc4cf48a7e8ad1c40ba9d11626dc32b0451d6ea0b09d850
d5ef34863eddc620d5bbb04e7ea944a9862de7a3ee9c7b0b1880f118b51d3f1f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6714cc1369d9cec58aca8527d87c422a4775b6c72795eed25ae54c0463f8e31
d68a1b8fdc4ccc7d873c1cebb0e88ccb1743551cc0c3b4377d30df1ae9ca4e9b
d7558125ba5b265f6411645f5652b0db3085bb0f81582fff1216a2f1518adcfd
d814335ed2a25a6599873908552985ce68a02eb8f1b1f3184007f4f4308c42a3
d82ac656c0175d252d08f5a4c029cbada55a413df58910cdf0be7e6871226571
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
dc519b7bf113cce8644295ac0682c0c6419203b865d4204c1d71a625053cbb3c
dcdc2fa645fd76c7610f7a858be674df1628c04b1a5125826b91cc52c29784dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe7507e79125daf11cb6b233c0cd032d17d33f76d1962a33014abf7925b8489
e0a6c0a5e14a8e83a6d486d3964d00f445d9843d0ea0ac41274f03f42bd77c9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4ca1dc49d5322b47dc3f27b0013377031a7e39c52cc23c05edea489b39e4588
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
eb7edb2e2fba8743800e7e41622628f25006b1f48020ca0fe48ad04af2a129e6
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec9beb6364157b9165009bd4f6f4a9b2575ffbd4809fc07502da04f361978217
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eec579a532c67828ecb5a30ef57c1fcf4636d166171a63494fb21f54dd1796f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b99150f1812fd27035fdd98c73aab20627cc67da0837d8eee4a7fbfbb8afe
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f25405dde54e641ed5d49a76307df4718c1ddabe430c017dad3b42b457892b74
f3aad99750c000cb0f8cb31249aff4bfbc8db3870847a553673b084a68208035
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9d2a0c0e08ad5bd149b127612dba3e2b86688b8c0707770d5fd1231dd525471
fb0e4f09467c084caf5a67479121c6a43a502ef28ae116287d3cbd551a96ba06

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

437 Requests

95 %HTTPS

43 %IPv6

50 Domains

86 Subdomains

72 IPs

10 Countries

5479 kBTransfer

13628 kBSize

40 Cookies

12 Outgoing links

Redirected requests

437 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

437
Requests

95 %
HTTPS

43 %
IPv6

50
Domains

86
Subdomains

72
IPs

10
Countries

5479 kB
Transfer

13628 kB
Size

40
Cookies

437 HTTP transactions
18 data transactions