www.123cards.com Open in urlscan Pro
3.33.254.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.pstmrk.it/2sm/www.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbi...
Effective URL:
https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Submission: On July 29 via api (July 29th 2022, 11:34:54 pm UTC) from CH — Scanned from IT

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 19 domains to perform 58 HTTP transactions. The main IP is 3.33.254.212, located in United States and belongs to AMAZON-02, US. The main domain is www.123cards.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 17th 2021. Valid for: a year.

This is the only time www.123cards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.155.201.27 54.155.201.27	16509 (AMAZON-02) (AMAZON-02)
6	3.33.254.212 3.33.254.212	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
5	2600:9000:206... 2600:9000:206e:a800:3:7dd0:9180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211a:f800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:1800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.251.36.66 142.251.36.66	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:217... 2600:9000:2171:7600:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:e000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4014:80a::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:217... 2600:9000:2171:f000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:2277	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.73.234.22 3.73.234.22	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	158.69.52.117 158.69.52.117	16276 (OVH) (OVH)
1	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	28

1 54.155.201.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-201-27.eu-west-1.compute.amazonaws.com

click.pstmrk.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.254.212 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

www.123cards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (London, United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206e:a800:3:7dd0:9180:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.123cards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:f800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.66 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:7600:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:e000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2171:f000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2277 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.234.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-234-22.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	123cards.com www.123cards.com static.123cards.com	124 KB
6	google.com accounts.google.com — Cisco Umbrella Rank: 118 region1.analytics.google.com — Cisco Umbrella Rank: 5536 www.google.com — Cisco Umbrella Rank: 10	76 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 542 c.clarity.ms — Cisco Umbrella Rank: 1008 j.clarity.ms — Cisco Umbrella Rank: 5385	26 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10574 cmp.quantcast.com — Cisco Umbrella Rank: 4165 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11900	139 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 344 c.bing.com — Cisco Umbrella Rank: 192	13 KB
4	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2537 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 8174	91 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	6 KB
3	google.it www.google.it — Cisco Umbrella Rank: 17945	762 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	502 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	151 KB
2	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 16490 usage.trackjs.com — Cisco Umbrella Rank: 7378	10 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	177 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 942	640 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 991	30 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303	31 KB
1	pstmrk.it 1 redirects click.pstmrk.it — Cisco Umbrella Rank: 47152	150 B
58	19

	Domain	Requested by
6	www.123cards.com	www.123cards.com cdn.trackjs.com
5	static.123cards.com	www.123cards.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org cdn.trackjs.com
3	www.google.it	www.123cards.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.123cards.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.123cards.com
3	quantcast.mgr.consensu.org	www.123cards.com cdn.trackjs.com quantcast.mgr.consensu.org
3	accounts.google.com	www.123cards.com accounts.google.com cdn.trackjs.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	www.123cards.com
2	www.google.com	www.123cards.com
2	stats.g.doubleclick.net	www.googletagmanager.com cdn.trackjs.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
2	www.googletagmanager.com	www.123cards.com www.googletagmanager.com
2	pagead2.googlesyndication.com	www.123cards.com pagead2.googlesyndication.com
1	j.clarity.ms	cdn.trackjs.com
1	usage.trackjs.com
1	c.bing.com	1 redirects
1	audit-tcfv2.cmp.quantcast.com	cdn.trackjs.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	cdn.trackjs.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	www.googleadservices.com	www.googletagmanager.com
1	test.quantcast.mgr.consensu.org	cdn.trackjs.com
1	ajax.googleapis.com	www.123cards.com
1	cdn.trackjs.com	www.123cards.com
1	click.pstmrk.it	1 redirects
58	30

This site contains no links.

Subject Issuer	Validity	Valid
www.123cards.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-17` - `2022-12-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.trackjs.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-28` - `2023-08-11`	a year	crt.sh
*.123cards.com Amazon	`2021-12-19` - `2023-01-17`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cmp.quantcast.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-08` - `2022-08-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.it GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Frame ID: ECBFBFE14881994DAA52B25D6420B286
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: 93505BAEA816FF7B017247A829DE9D3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Help Center - 123cards.com

Page URL History Show full URLs

https://click.pstmrk.it/2sm/www.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demai... HTTP 302
https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

72 %
IPv6

19
Domains

30
Subdomains

28
IPs

7
Countries

1041 kB
Transfer

3622 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.pstmrk.it/2sm/www.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20/yQfvKzAN/UTCB/0a8RcpKy2i/YmlydGhkYXlzLWp1bHktMjAyMi1sY2xja2QyMA HTTP 302
https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&RedC=c.clarity.ms&MXFR=3043928F60456C3729E6837F6445629A HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&MUID=3FBF4676CDAC6B0B2B225786CC5D6A45

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.123cards.com/help/
Redirect Chain

https://click.pstmrk.it/2sm/www.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20/yQfvKzAN/UTCB/0a8RcpKy2i/YmlydGhkYXlzLWp1bHktMjAyM...
https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

152 KB
30 KB

499ms
231ms

Document
text/html

3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

ae839d705e84045625bbe59208dcccabdc2559d79397d0b37aecebd9ed469d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 29084
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 23:34:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=2628000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mod-pagespeed: 1.13.35.2-0
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/octet-stream
date: Fri, 29 Jul 2022 23:34:48 GMT
location: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
server: awselb/2.0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
56 KB 131ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4917629296868795

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ba6831544c490157faa66f50bf9e1d57328dcab2d963704a4c58619d97d259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123cards.com/
Origin: https://www.123cards.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57084
x-xss-protection: 0
server: cafe
etag: 6627718229602053556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 23:34:48 GMT

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
9 KB 178ms
36ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:48 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:40:38 GMT
server: NetDNA-cache/2.2
x-amz-request-id: SW1CC0HPK43T6PV1
etag: W/"48ead32171e554edb2744890102504b0"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
x-amz-id-2: duK62cUZwO89KfG1DrV1Duu2ugAZ3LFuoqx7xSO221eBN4JSd8udztZa9y04TCp3ySNyXFVvjBI=

GET
H2 200 123cards-compact-v3.svg
static.123cards.com/images/ 46 KB
15 KB 145ms
42ms Image
image/svg+xml 2600:9000:206e:a800:3:7dd0:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.123cards.com/images/123cards-compact-v3.svg
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a800:3:7dd0:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d6ad0a868f1c259f483be4bdaa2d2e9b305b9f1b8f16cb4a8db9509f4d1141

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 05:10:28 GMT
content-encoding: gzip
age: 4127061
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Dec 2020 16:08:22 GMT
server: AmazonS3
etag: W/"2f887162a43c24010f981238c9e6bb28"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
via: 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
access-control-expose-headers: Origin, X-Requested-With
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 9GmXj4Js04yEg0z74aFsgGnsLvtA8EH9fZcJJZHpCGO-V5RX9_DIDA==

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 164ms
67ms Script
application/javascript 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8b4d1d801b78f21093f1b3679df227a7b82b73686c7fae65245cb162d54fba1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TiJKI_zU56GgvGsCCFvZ-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-TiJKI_zU56GgvGsCCFvZ-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 red-heart.svg
static.123cards.com/images/ 452 B
908 B 153ms
51ms Image
image/svg+xml 2600:9000:206e:a800:3:7dd0:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.123cards.com/images/red-heart.svg
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a800:3:7dd0:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 418a3180a801fce0f37de0c30dd5ed8a2f7fdbe6447f70412ac2975b4d06350e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 00:52:32 GMT
via: 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
age: 2932937
x-cache: Hit from cloudfront
content-length: 452
last-modified: Tue, 09 Feb 2021 15:49:53 GMT
server: AmazonS3
etag: "3bc0cde4b38171e6a84523942826ce97"
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 4XYVjAljNCGArMdDBLvR7_y8CEVGb5QZ0_4zZIsMaxYX0gCUUXAuxA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 136ms
34ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 22:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 22:14:20 GMT

GET
H2 200 yii.min.js,qv=1658329297.pagespeed.jm.dai_3qU9sQ.js Show response
www.123cards.com/assets/2be562c7/ 8 KB
3 KB 130ms
128ms Script
application/javascript 3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/assets/2be562c7/yii.min.js,qv=1658329297.pagespeed.jm.dai_3qU9sQ.js

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

4af46c1a7efb9d642a5697fc7c11a31affeac1156e375ef3b068f4715037f24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 7991
vary: Accept-Encoding
content-length: 2703
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jul 2022 18:17:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"0"
strict-transport-security: max-age=2628000
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 18:17:44 GMT

GET
H2 200 site.min.js Show response
www.123cards.com/js/ 3 KB
1 KB 128ms
126ms Script
application/javascript 3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/js/site.min.js?v=1658329297

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

a35c4200e77d94540325387dd2a0e413cf9a97a94b2d4aa6cdd5adf57f893d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-original-content-length: 3074
server: Apache
etag: W/"PSA-aj-hq017VatBX"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31516974
strict-transport-security: max-age=2628000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1199
x-xss-protection: 1; mode=block
expires: Sat, 29 Jul 2023 18:17:44 GMT

GET
H2 200 faq.min.js,qv=1658329302.pagespeed.jm.-F5SLS7R09.js Show response
www.123cards.com/assets/5acf7a3b/js/ 1 KB
615 B 128ms
127ms Script
application/javascript 3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/assets/5acf7a3b/js/faq.min.js,qv=1658329302.pagespeed.jm.-F5SLS7R09.js

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

384f731fb78cf245c1f8c59fc22e4f0849e352435f4c90b1d0df1ecdd85ded0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 1438
vary: Accept-Encoding
content-length: 517
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jul 2022 18:18:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"0"
strict-transport-security: max-age=2628000
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 18:18:28 GMT

GET
H2 200 device.min.js,qv=1658329297.pagespeed.jm.lQxVYSPdBI.js Show response
www.123cards.com/assets/b9d8310e/lib/ 3 KB
1 KB 127ms
126ms Script
application/javascript 3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/assets/b9d8310e/lib/device.min.js,qv=1658329297.pagespeed.jm.lQxVYSPdBI.js

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

6f86913625f597d9223e036932e386a50f008540131886e3195a9c0c865ff50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 3296
vary: Accept-Encoding
content-length: 1119
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jul 2022 18:17:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"0"
strict-transport-security: max-age=2628000
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 18:17:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
81 KB 139ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a58e986c217ce8b772ec38234296ee7e7e0ab2bab889d8e2bc0f25f4b835c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82036
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 arrow_right_grey.svg
static.123cards.com/images/ 183 B
638 B 127ms
42ms Image
image/svg+xml 2600:9000:206e:a800:3:7dd0:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.123cards.com/images/arrow_right_grey.svg
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a800:3:7dd0:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0102f21efb53621d5375012347f7e65eb58c9cf6edc24790dec17e813be021a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 03:25:09 GMT
via: 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
age: 4738180
x-cache: Hit from cloudfront
content-length: 183
last-modified: Fri, 29 Mar 2019 12:03:44 GMT
server: AmazonS3
etag: "f83dfb1f36bf062114982ea0bb753a96"
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: Ip_N4OaxS-qvJ1oXh258JPzCdTzcJG1vhu36tD1EaSoJzUKyCdteUg==

GET
H2 200 ClickerScript-Regular.ttf
static.123cards.com/fonts/ 59 KB
59 KB 130ms
46ms Font
binary/octet-stream 2600:9000:206e:a800:3:7dd0:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.123cards.com/fonts/ClickerScript-Regular.ttf
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a800:3:7dd0:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d470af79ddec2f592ce6c268affef9e1ea59d4d557e39efc0f1157d094d5156

Request headers

Referer: https://www.123cards.com/
Origin: https://www.123cards.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:11:45 GMT
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
age: 17997785
x-cache: Hit from cloudfront
content-length: 60300
last-modified: Fri, 29 Mar 2019 12:04:05 GMT
server: AmazonS3
etag: "c84d53cae365cdc03e9d51b103f44460"
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: EQr7PN_tFQdLZgzr3T0yMMG5EQSa2ijBiBwGzWix3lzGiyak-n9Skw==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/ 341 KB
121 KB 126ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4917629296868795&plah=www.123cards.com&bust=31068683

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4917629296868795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0476520233632261e569c62d06c10e20eb62737d2815b08777f439f0d7677bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123424
x-xss-protection: 0
server: cafe
etag: 8607330523049197540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame 9350 10 KB
5 KB 139ms
42ms Document
text/html 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4917629296868795

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123cards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 12640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 20:04:09 GMT
etag: 8616628553774171045
expires: Fri, 12 Aug 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 118ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NL69SERHSR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

379d51555766e6b528c2e5bdac78bdf6c49482fb98160ac615eb69049763fb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72404
x-xss-protection: 0
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/ 4 KB
2 KB 131ms
42ms Script
application/javascript 2600:9000:211a:f800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/choice.js
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff2a0d1ab56d392e16fa9a5382f8d6728aba8222648c9ba03c7fd290088b3f70

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 29 Jul 2022 23:34:19 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 18:31:47 GMT
server: AmazonS3
age: 31
etag: W/"e79e12a563da69dd6c2e45801c6cd7f0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: FjPE-w0OR1kVmGHUMsfALN2PLSqLs8azCVdSQgmkwCkTH45ze7X2ug==

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 367 KB
45 KB 108ms
39ms XHR
application/json 2600:9000:225e:1800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eec24698047d7bfa844d3e4983cce7a4f59abaaff393a0d0d2224113584362c3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 03:00:47 GMT
content-encoding: br
age: 74043
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 03:00:33 GMT
server: AmazonS3
etag: W/"2b8af41de61c2a60a23810292ef4f1c8"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: oMQQuLgRtS2ADJAFCNfcnKZgQoNtX284
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: gFNjFuU4zM1MbysxwJl_NqppPkRTQ69mcwMy5JA2m9680JWaHICSbA==

GET
H2 200 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/.well-known/ 245 B
796 B 122ms
39ms XHR
application/json 2600:9000:211a:f800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/.well-known/noniab-vendorlist.json?timestamp=1659137689237
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57ba11a4cb373b1ac5aaa41a695cd824ab9ec997f02c6c350bd12922f889f3f7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:19 GMT
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
age: 31
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 245
last-modified: Mon, 02 Nov 2020 18:08:19 GMT
server: AmazonS3
etag: "0048225df71ac9a05a30715ac6b985a3"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: 1dqF1wcNDO0PbcljSfcFNTAKPLlrh2JT23PVm6lSRJdW3cdRlk9J4Q==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 176ms
69ms Script
text/javascript 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 147ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E580BA758AB24FE891AB9B3CE13F7AFE Ref B: ZRHEDGE0713 Ref C: 2022-07-29T23:34:49Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 29 Jul 2022 23:34:48 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 140ms
44ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26528
x-xss-protection: 0
pragma: public
x-fb-debug: ChJrVvMqzktYUKPudsnz4I6YcjyTh3VQ8WD9WvLvF0qXMrW5n655DVvCYhXIT1SZLoBXFxu8fks/97MqbNgpVg==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Jul 2022 23:34:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL98TM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1969
date: Fri, 29 Jul 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 30 Jul 2022 01:02:00 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 118ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zZ3mu9673j_EZ0TqK4optw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zZ3mu9673j_EZ0TqK4optw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 102ms
33ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Jul 2022 00:11:35 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 118 KB
30 KB 122ms
37ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
etag: "kVQ9bYjc9nNVTXISAKx8jA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 05 Aug 2022 23:34:49 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
43 KB 42ms
42ms Script
text/javascript 2600:9000:211a:f800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.123cards.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/M9dqhhr_AeBzf/www.123cards.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:11 GMT
content-encoding: br
age: 50
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 18:41:01 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: G2SbaIYh5mZC9L3xCm-_J9Cbb-nf5Rf1tqXd0N7EfV3Q1VhggqqTkQ==

GET
H2 200 26050194.js Show response
bat.bing.com/p/action/ 1 KB
844 B 217ms
217ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26050194.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7e66aa9f45e47e1b823ca9d2a68648e2227d46162d4f63b4b1a3cf1c9202860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AA4DF1DD7F24EE49CE15D0F902856E6 Ref B: ZRHEDGE0713 Ref C: 2022-07-29T23:34:49Z
date: Fri, 29 Jul 2022 23:34:48 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
176 B 66ms
66ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26050194&tm=gtm002&Ver=2&mid=f77a1eb2-99d0-412a-b016-1f300a66b148&sid=099a85d00f9711edbf3a7d6f51a04aa3&vid=099aaeb00f9711ed836f5f8640f6bf51&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Help%20Center%20-%20123cards.com&p=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&r=&lt=1089&evt=pageLoad&sv=1&rn=527794

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D030D6C87B3D46E681AAB5AC8E0682E1 Ref B: ZRHEDGE0713 Ref C: 2022-07-29T23:34:49Z
date: Fri, 29 Jul 2022 23:34:48 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 105ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NL69SERHSR&gtm=2oe7r0&_p=1948851358&_z=ccd.v9B&_gaz=1&cid=1913725513.1659137689&ul=en-us&sr=1600x1200&_s=1&sid=1659137689&sct=1&seg=0&dl=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&dt=Help%20Center%20-%20123cards.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NL69SERHSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123cards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 128ms
43ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NL69SERHSR&cid=1913725513.1659137689&gtm=2oe7r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NL69SERHSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123cards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 156ms
60ms Image
image/gif 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NL69SERHSR&cid=1913725513.1659137689&gtm=2oe7r0&aip=1&z=2065953403

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 90ms
43ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.69

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: qz01ku6o5qge3+HZDdP8zQ5DUK7P0Ydfg9JuLkaC08cKxJNVtsOsRuasleX9plIeZntp9Gs8m0GjYxiXNLfrYw==
x-frame-options: DENY
date: Fri, 29 Jul 2022 23:34:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1379482705711395 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 131ms
85ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1379482705711395?v=2.9.69&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ad59134e15c1f677548afe56d2b02707bd580ab670ca66ab257c02eb48c6235

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85859
x-xss-protection: 0
pragma: public
x-fb-debug: 08ZwgWDv5BuAVvrPWhNziEQaPsG+wutK6aX8JxuKST5nkGozc+w6aeLbmvapZUPuweBDFIWEd4+tUjjgqqscog==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Jul 2022 23:34:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965588391/ 2 KB
1 KB 140ms
58ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588391/?random=1659137689431&cv=9&fst=1659137689431&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&tiba=Help%20Center%20-%20123cards.com&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f0c0cde519c0ddca529b28f0aff9c2d35c9762b3056891600904d9fcc2b9a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 9 KB
3 KB 134ms
46ms XHR
application/json 2600:9000:2171:7600:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:7600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51eb631a349d9c76ff727c938dbd01c20375c9b3409429f9b41b7ac2da7173e2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.123cards.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 03:00:46 GMT
content-encoding: br
age: 74044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 19:52:29 GMT
server: AmazonS3
etag: W/"b309335d928a0182d28c90336dee523b"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: dJIG3yqoKntLiVLzjWU7H2e9gT3ytWjN
via: 1.1 47140f009c2bd3561cd6dde4003253e2.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG53-C1
content-type: application/json
x-amz-cf-id: WTvHEo6HLwX71itRf-yXbK8lNrnQHT3hpQTBZ3660mws-h2ER8Gclw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 67ms
42ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30631-54&cid=1913725513.1659137689&jid=186669532&gjid=963476651&_gid=1232351602.1659137689&_u=aGBAgEAjAAAAAE~&z=763926335

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123cards.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 23:34:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.123cards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
33ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1948851358&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&ul=en-us&de=UTF-8&dt=Help%20Center%20-%20123cards.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=186669532&gjid=963476651&cid=1913725513.1659137689&tid=UA-30631-54&_gid=1232351602.1659137689&gtm=2wg7r0NL98TM&cd1=Logged%20out&cd3=Help%20Center&cd7=%20-%20&cd10=free&cd12=1913725513.1659137689&z=212782149

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 12:41:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-M9dqhhr_AeBzf.js Show response
rules.quantcount.com/ 160 B
640 B 142ms
41ms Script
application/javascript 2600:9000:2304:e000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-M9dqhhr_AeBzf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cda5cb6881d87112bf2646274f104b594a781a4ef35bcf5dcbf664d0f02aa829

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:20 GMT
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
age: 30
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Wed, 27 Jul 2022 10:13:10 GMT
server: AmazonS3
etag: "1e28ae2d7b0a99cda2cdf621fc7a0bda"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-amz-cf-id: in7C6HAhlv7EOk_7lGNHWKbS41qeLubh0T_zIJguNNrKN3o_y0F5oQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 155ms
59ms Image
image/gif 2a00:1450:4014:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30631-54&cid=1913725513.1659137689&jid=186669532&_u=aGBAgEAjAAAAAE~&z=713583997

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 58ms
58ms Image
image/gif 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30631-54&cid=1913725513.1659137689&jid=186669532&_u=aGBAgEAjAAAAAE~&z=713583997

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/965588391/ 42 B
548 B 132ms
58ms Image
image/gif 2a00:1450:4014:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965588391/?random=1659137689431&cv=9&fst=1659135600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&tiba=Help%20Center%20-%20123cards.com&async=1&fmt=3&is_vtc=1&random=2940423201&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/965588391/ 42 B
154 B 59ms
59ms Image
image/gif 2a00:1450:4014:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/965588391/?random=1659137689431&cv=9&fst=1659135600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&tiba=Help%20Center%20-%20123cards.com&async=1&fmt=3&is_vtc=1&random=2940423201&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
56 KB 152ms
51ms Script
text/javascript 2600:9000:2171:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.123cards.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 22:06:00 GMT
content-encoding: br
age: 5330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: EKQwPYDUnnBN-xOR_idxNckrbuFxMQTCCzxYBhJalB_IILdfCUbypw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 331 KB
44 KB 148ms
50ms XHR
application/json 2600:9000:2171:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec737ea1650b8164d79e9fe5b53e9a338379879df862c9ecdc6f695762be6263

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 03:00:40 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 74050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 03:00:33 GMT
server: AmazonS3
etag: W/"232b730418c926a301bb759fbe737639"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 428d48dcc06c35ef0bcb1f235f6038de.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: DiiMbckLdARk-AXiAj7miTuWUZr6c5bASVuNhSP5zAOljBqrEb0Dbg==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 152 KB
36 KB 194ms
97ms XHR
application/json 2600:9000:2171:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99ef26dc60d3df71704c688893e7c767210f6bb3992de81cb8b758a765eb34a8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.123cards.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 22:06:00 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 03:03:31 GMT
server: AmazonS3
etag: W/"3498a81974e18a455830433c05b4a21f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 428d48dcc06c35ef0bcb1f235f6038de.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: sjHqOPpNZFDGBWC-h_Fz5MYqwehaoOOvMcl3BBTUePjFuFL6l-43uw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 152ms
51ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1379482705711395&ev=PageView&dl=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&rl=&if=false&ts=1659137689622&sw=1600&sh=1200&v=2.9.69&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1659137689621.949441876&it=1659137689427&coo=false&tm=1&rqm=GET

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 29 Jul 2022 23:34:49 GMT

GET
H2 200 26050194 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 361ms
188ms Script
application/x-javascript 2620:1ec:27::cafe:2277
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26050194
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26050194.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d331bd83f946372d56af23f728b21a3d44b9d63d1e562eb40c070cb7984a3377

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
x-powered-by: ASP.NET
x-azure-ref: 0mW7kYgAAAABUFtLXVtQtQ4L0l8lBObCDUkJBMzBFREdFMDgyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 118ms
34ms XHR
text/plain 3.73.234.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22M9dqhhr_AeBzf%22%2C%22domain%22%3A%22www.123cards.com%22%2C%22publisher%22%3A%22123cards%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22ornIXXuP9LNojxJc7p8dZQ%22%2C%22clientTimestamp%22%3A1659137689845%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-iobyaxipbewoq676wkv3%22%7D
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.234.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-234-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.123cards.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Jul 2022 23:34:49 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 123cards-compact.svg
static.123cards.com/images/ 40 KB
12 KB 47ms
47ms Image
image/svg+xml 2600:9000:206e:a800:3:7dd0:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.123cards.com/images/123cards-compact.svg
Requested by: Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a800:3:7dd0:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e477acce596324e443ae25feefec14dfb15bd6fa9fce2e4de1d5a3c09a15536

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 18:42:35 GMT
content-encoding: gzip
age: 5028735
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Mar 2019 12:03:44 GMT
server: AmazonS3
etag: W/"9fa397a270e970978834a5f807feec4a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
via: 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
access-control-expose-headers: Origin, X-Requested-With
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: dNFb9mnRLx_pJl7pWkpGgtwWUgkljNFs5EwJR07aMtME70JG7sS8nQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.6.36/ 52 KB
23 KB 177ms
176ms Script
application/javascript 2620:1ec:27::cafe:2277
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26050194
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:49 GMT
content-encoding: br
etag: "1d8a0e15023e426"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0mm7kYgAAAABAZRtcTrLuRJl2becNOdoTUkJBMzBFREdFMDgyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23009
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 93ms
44ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1379482705711395&ev=Microdata&dl=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20&rl=&if=false&ts=1659137690124&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Help%20Center%20-%20123cards.com%22%2C%22meta%3Adescription%22%3A%22Do%20you%20need%20help%20sending%20an%20ecard%3F%20We%20have%20been%20helping%20our%20users%20to%20send%20online%20greeting%20cards%20over%20the%20last%20decade.%20Find%20your%20question%20answered%20below.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22123cards.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.123cards.com%2Fimages%2F123cards-square-logo-facebook.png%22%2C%22og%3Alocale%22%3A%22en-US%22%2C%22og%3Aimage%3Aalt%22%3A%22123cards.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%22%2C%22og%3Atitle%22%3A%22Help%20Center%20-%20123cards.com%22%2C%22og%3Adescription%22%3A%22Do%20you%20need%20help%20sending%20an%20ecard%3F%20We%20have%20been%20helping%20our%20users%20to%20send%20online%20greeting%20cards%20over%20the%20last%20decade.%20Find%20your%20question%20answered%20below.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22Home%22%2C%22item%22%3A%22https%3A%2F%2Fwww.123cards.com%22%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22name%22%3A%22Help%20Center%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.69&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1659137689621.949441876&it=1659137689427&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.123cards.com
URL: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 29 Jul 2022 23:34:50 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 54ms
54ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1095421428673-18omcgtt5oelfd26mmjeg88jeoebgpij.apps.googleusercontent.com&as=kinUVa%2BmxL4qZhnzgk9t4g

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f8d53ca9471d77584c45cfff20670742add5ce5ea463ac365af82c3ccfabc1b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GPL4UUTr_ufM-DbxKFpAkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123cards.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GPL4UUTr_ufM-DbxKFpAkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&RedC=c.clarity.ms&MXFR=3043928F60456C3729E6837F6445629A
https://c.clarity.ms/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&MUID=3FBF4676CDAC6B0B2B225786CC5D6A45

42 B
370 B

57ms
57ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&MUID=3FBF4676CDAC6B0B2B225786CC5D6A45
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 29 Jul 2022 23:34:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EEF46E644514AA592172F908FAA57AB Ref B: ZRHEDGE0713 Ref C: 2022-07-29T23:34:50Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=662DF400EFE244FA99E7F2E046ADA3FA&MUID=3FBF4676CDAC6B0B2B225786CC5D6A45
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 495ms
121ms Image
image/gif 158.69.52.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=171ac060913a48b1ab6372c1659abd38&correlationId=11cf50e1-0fec-41e0-a5dd-1117086aa25b&application=123cards-prod&x=4ff18d70-b7bf-48e2-ab12-acdfe3090412&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-3.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.123cards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 23:34:50 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 mod_pagespeed_beacon Show response
www.123cards.com/ 0
62 B 124ms
123ms XHR
text/plain 3.33.254.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123cards.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.123cards.com%2Fhelp%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_content%3Dbirthdays-july-2022-lclckd20

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.254.212 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab0cfa08f2d2a3a9d.awsglobalaccelerator.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.123cards.com/help/?utm_source=newsletter&utm_medium=email&utm_content=birthdays-july-2022-lclckd20
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Jul 2022 23:34:50 GMT
cache-control: max-age=0, no-cache
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2628000

POST
H2 204 collect Show response
j.clarity.ms/ 0
177 B 659ms
375ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.123cards.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.123cards.com
date: Fri, 29 Jul 2022 23:34:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.123cards.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: q61d6oiu30p6n09oa1h2qduvhj
www.123cards.com/	1970-01-20 05:35:29	Name: utm_source Value: fd51ee042657f1cf19cad08287430ac212e1e4e4623574b3768664fc7b70dde8a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22utm_source%22%3Bi%3A1%3Bs%3A10%3A%22newsletter%22%3B%7D
www.123cards.com/	1970-01-20 05:35:29	Name: utm_medium Value: 3c6f194f21b40a112626264359a096631f63a83f9719bc306cc571b4bc428ad0a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22utm_medium%22%3Bi%3A1%3Bs%3A5%3A%22email%22%3B%7D
www.123cards.com/	1970-01-20 05:35:29	Name: utm_content Value: 08558041970d0512941090d85e48a353a8de11af8797a1c8b999d4fe12868208a%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22utm_content%22%3Bi%3A1%3Bs%3A28%3A%22birthdays-july-2022-lclckd20%22%3B%7D
www.123cards.com/	1970-01-22 00:04:17	Name: curr_uinfo Value: 26e95b8dcd664719ecaed4cc6c7250a6486c50ffeaf47bcac9a6e8a268bfe2f1a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22curr_uinfo%22%3Bi%3A1%3Bs%3A44%3A%22%7B%22timezone%22%3A%22Europe%5C%2FRome%22%2C%22country_id%22%3A112%7D%22%3B%7D
www.123cards.com/	1969-12-31 23:59:59	Name: _csrf Value: 18f304fe07753190904938771a4b3e229e99af3baa035e47486a5da2442fdc22a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22IbD_tD16mpb4-mba0eGGazEyjmNP9F39%22%3B%7D
.123cards.com/	1970-01-20 07:01:53	Name: _gcl_au Value: 1.1.1329029616.1659137689
.123cards.com/	1970-01-20 04:53:44	Name: _gid Value: GA1.2.1232351602.1659137689
.bing.com/	1970-01-20 14:13:53	Name: MUID Value: 3FBF4676CDAC6B0B2B225786CC5D6A45
.123cards.com/	1970-01-20 04:53:44	Name: _uetsid Value: 099a85d00f9711edbf3a7d6f51a04aa3
.123cards.com/	1970-01-20 14:13:53	Name: _uetvid Value: 099aaeb00f9711ed836f5f8640f6bf51
.123cards.com/	1970-01-20 22:23:29	Name: _ga_NL69SERHSR Value: GS1.1.1659137689.1.0.1659137689.60
.123cards.com/	1970-01-20 22:23:29	Name: _ga Value: GA1.1.1913725513.1659137689
.123cards.com/	1970-01-20 04:52:17	Name: _dc_gtm_UA-30631-54 Value: 1
.doubleclick.net/	1970-01-20 04:52:18	Name: test_cookie Value: CheckForPermission
.123cards.com/	1970-01-20 07:01:53	Name: _fbp Value: fb.1.1659137689621.949441876
.facebook.com/	1970-01-20 07:01:53	Name: fr Value: 0wyqZyup1OnR3hDOA..Bi5G6Z...1.0.Bi5G6Z.
www.clarity.ms/	1970-01-20 13:37:53	Name: CLID Value: e4a59538d704495e8543b11074ecfe06.20220729.20230729
.123cards.com/	1970-01-20 13:37:53	Name: _clck Value: 8trg2d\|1\|f3k\|0
.c.bing.com/	1970-01-20 14:13:53	Name: SRM_B Value: 3FBF4676CDAC6B0B2B225786CC5D6A45
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:13:53	Name: MUID Value: 3FBF4676CDAC6B0B2B225786CC5D6A45
.c.clarity.ms/	1970-01-20 04:52:18	Name: ANONCHK Value: 0
.123cards.com/	1970-01-20 04:53:44	Name: _clsk Value: 223pir\|1659137690947\|1\|1\|j.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2628000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
audit-tcfv2.cmp.quantcast.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.trackjs.com
click.pstmrk.it
cmp.quantcast.com
connect.facebook.net
googleads.g.doubleclick.net
j.clarity.ms
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
static.123cards.com
stats.g.doubleclick.net
test.cmp.quantcast.com
test.quantcast.mgr.consensu.org
usage.trackjs.com
www.123cards.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
142.251.36.66
158.69.52.117
20.234.93.27
20.85.30.134
2001:4860:4802:34::36
2600:9000:206e:a800:3:7dd0:9180:93a1
2600:9000:211a:f800:9:46dc:4700:93a1
2600:9000:2171:7600:3:a4cd:8380:93a1
2600:9000:2171:f000:9:46dc:4700:93a1
2600:9000:225e:1800:3:a4cd:8380:93a1
2600:9000:2304:e000:6:44e3:f8c0:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:27::cafe:2277
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:828::200d
2a00:1450:4001:82b::2008
2a00:1450:400c:c1b::9d
2a00:1450:4014:80a::2002
2a00:1450:4014:80a::2004
2a00:1450:4014:80e::2003
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.33.254.212
3.73.234.22
54.155.201.27
94.31.29.32
0476520233632261e569c62d06c10e20eb62737d2815b08777f439f0d7677bb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2a58e986c217ce8b772ec38234296ee7e7e0ab2bab889d8e2bc0f25f4b835c08
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
379d51555766e6b528c2e5bdac78bdf6c49482fb98160ac615eb69049763fb7e
384f731fb78cf245c1f8c59fc22e4f0849e352435f4c90b1d0df1ecdd85ded0d
3f0c0cde519c0ddca529b28f0aff9c2d35c9762b3056891600904d9fcc2b9a0b
3f8d53ca9471d77584c45cfff20670742add5ce5ea463ac365af82c3ccfabc1b
418a3180a801fce0f37de0c30dd5ed8a2f7fdbe6447f70412ac2975b4d06350e
4ad59134e15c1f677548afe56d2b02707bd580ab670ca66ab257c02eb48c6235
4af46c1a7efb9d642a5697fc7c11a31affeac1156e375ef3b068f4715037f24d
51eb631a349d9c76ff727c938dbd01c20375c9b3409429f9b41b7ac2da7173e2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57ba11a4cb373b1ac5aaa41a695cd824ab9ec997f02c6c350bd12922f889f3f7
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
6f86913625f597d9223e036932e386a50f008540131886e3195a9c0c865ff50f
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d470af79ddec2f592ce6c268affef9e1ea59d4d557e39efc0f1157d094d5156
8e477acce596324e443ae25feefec14dfb15bd6fa9fce2e4de1d5a3c09a15536
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ef26dc60d3df71704c688893e7c767210f6bb3992de81cb8b758a765eb34a8
a0102f21efb53621d5375012347f7e65eb58c9cf6edc24790dec17e813be021a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35c4200e77d94540325387dd2a0e413cf9a97a94b2d4aa6cdd5adf57f893d60
ae839d705e84045625bbe59208dcccabdc2559d79397d0b37aecebd9ed469d3c
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
b8b4d1d801b78f21093f1b3679df227a7b82b73686c7fae65245cb162d54fba1
c8ba6831544c490157faa66f50bf9e1d57328dcab2d963704a4c58619d97d259
cda5cb6881d87112bf2646274f104b594a781a4ef35bcf5dcbf664d0f02aa829
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d331bd83f946372d56af23f728b21a3d44b9d63d1e562eb40c070cb7984a3377
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e66aa9f45e47e1b823ca9d2a68648e2227d46162d4f63b4b1a3cf1c9202860
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ec737ea1650b8164d79e9fe5b53e9a338379879df862c9ecdc6f695762be6263
eec24698047d7bfa844d3e4983cce7a4f59abaaff393a0d0d2224113584362c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d6ad0a868f1c259f483be4bdaa2d2e9b305b9f1b8f16cb4a8db9509f4d1141
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff2a0d1ab56d392e16fa9a5382f8d6728aba8222648c9ba03c7fd290088b3f70

www.123cards.com Open in urlscan Pro 3.33.254.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

72 %IPv6

19 Domains

30 Subdomains

28 IPs

7 Countries

1041 kBTransfer

3622 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123cards.com Open in urlscan Pro
3.33.254.212 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

72 %
IPv6

19
Domains

30
Subdomains

28
IPs

7
Countries

1041 kB
Transfer

3622 kB
Size

24
Cookies

58 HTTP transactions
0 data transactions