urlscan.io logo urlscan.io
SecurityTrails logo

www.messletters.com Open in urlscan Pro
2606:4700:3037::ac43:8397  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://messletters.com/
Effective URL: https://www.messletters.com/en/
Submission: On October 10 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 8 countries across 24 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3037::ac43:8397, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.messletters.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2020. Valid for: a year.
This is the only time www.messletters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 172.217.23.162 15169 (GOOGLE)
3 99.86.240.180 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 37.252.161.190 29990 (ASN-APPNEX)
1 104.16.68.69 13335 (CLOUDFLAR...)
1 35.244.159.8 15169 (GOOGLE)
1 63.35.44.167 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 37.252.173.38 29990 (ASN-APPNEX)
1 104.111.215.135 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
4 6 2606:2800:233... 15133 (EDGECAST)
4 67.202.110.21 32748 (STEADFAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 52.95.118.60 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
60 26
1    2606:4700:3030::681c:3a (United States)

ASN13335 (CLOUDFLARENET, US)
messletters.com
14    2606:4700:3037::ac43:8397 (United States)

ASN13335 (CLOUDFLARENET, US)
www.messletters.com
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:3030::681c:1ae7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
3    99.86.240.180 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-180.vie50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    37.252.161.190 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
1    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
digikulture-d.openx.net
1    63.35.44.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-44-167.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    2a02:fa8:8806:13::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)
web.hb.ad.cpe.dotomi.com
6    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com
4    67.202.110.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net
ssc.33across.com
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com
Domain Requested by
14 www.messletters.com 1 redirects www.messletters.com
6 adserver-us.adtech.advertising.com 4 redirects
4 ssc.33across.com cdn.adapex.io
4 pagead2.googlesyndication.com www.messletters.com
pagead2.googlesyndication.com
3 7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 c.amazon-adsystem.com cdn.adapex.io
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 ib.adnxs.com cdn.adapex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 htlb.casalemedia.com cdn.adapex.io
1 hbopenbid.pubmatic.com cdn.adapex.io
1 ads.yieldmo.com cdn.adapex.io
1 digikulture-d.openx.net cdn.adapex.io
1 dmx.districtm.io cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 mug.criteo.com www.messletters.com
1 gum.criteo.com 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.youtube.com www.messletters.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.messletters.com
1 cdn.adapex.io www.messletters.com
1 cdnjs.cloudflare.com www.messletters.com
1 fonts.googleapis.com www.messletters.com
1 messletters.com 1 redirects
60 31
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.yieldmo.com
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.messletters.com/en/
Frame ID: 5AE10BF83B2FE04E12593AA861F09C95
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xbpXgroBoa4
Frame ID: E022524AC896B7F3E72829F7188FD4E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: BE14AEFBE313650E6C79D2FBA83CA8D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4132365654550768&output=html&h=17&slotname=6655932530&adk=2645547253&adf=3876757048&w=583&fwrn=4&lmt=1602356552&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=583x17_0ads_al&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&flash=0&hl=EN&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552579&bpp=25&bdt=399&idt=107&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5611203738838&frm=20&pv=2&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=2285644527&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=529&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gyBl2v4wz8&p=https%3A//www.messletters.com&dtd=126
Frame ID: 80B9A384F3A3B2F721890A7A2FE8EB57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4132365654550768&output=html&adk=1812271804&adf=3025194257&lmt=1602356552&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552635&bpp=3&bdt=454&idt=148&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=583x17_0ads_al&nras=1&correlator=5611203738838&frm=20&pv=1&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=10875579119&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152
Frame ID: 971CB13E9DF7449123015F5E68738849
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv&dcc=t
Frame ID: CA44A202ABCDDF9BF88E739289F3D11E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 016D9CFDB73449004B9DA9250ECD38EE
Requests: 1 HTTP requests in this frame

Frame: https://7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 77F6AB2874AB8EB0AB979F0086ED98A2
Requests: 1 HTTP requests in this frame

Frame: https://7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 72135438BB1A59FD3972FF80E184020B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://messletters.com/ HTTP 301
    https://www.messletters.com/ HTTP 302
    https://www.messletters.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

60
Requests

100 %
HTTPS

57 %
IPv6

24
Domains

31
Subdomains

26
IPs

8
Countries

586 kB
Transfer

1685 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://messletters.com/ HTTP 301
    https://www.messletters.com/ HTTP 302
    https://www.messletters.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.messletters.com%2F&domain=www.messletters.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=n4OG-3xuU0ErS0UxVTg0U1RBM1VGSjQ4TXY5UEVJWXNIR3pyVUlwaGJoakxiUkJkcGhrOHFucWZ5TWZMbWdHODlYdEdZcFAxS3phZlhOdHRWR0lOVnU3QjlpcmUrc1VaQUhhNXV4ZnBsK2VXcFpybWhocWZFUkxPSWV2SXpkZTZMNGhiNlNUZk1QOTRzKzRONWVrcjBpU0hrbkRZdVRyVXBLa1pmWVBoVGhDdEVhWUdjaUhjU05RbVJjU2pDWW1tS0dQeElZTE01ME9NYVVVQlRGUkhpUmlqS3hqdFRTSVlpMHdWSjNKelNkT1BTNUJrPXw&cppv=2
Request Chain 40
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;apid=1A26eba3f4-0b2b-11eb-b7e5-1234a9bcb81c;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01
Request Chain 41
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;apid=1A26ee6544-0b2b-11eb-8cde-12121b825df6;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01
Request Chain 51
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv&dcc=t

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.messletters.com/en/
Redirect Chain
  • http://messletters.com/
  • https://www.messletters.com/
  • https://www.messletters.com/en/
90 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c275c6563c59538e0c313b0376ca417af5d5c51f1c038357f21de08c4b2e3229

Request headers

:method
GET
:authority
www.messletters.com
:scheme
https
:path
/en/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=db9ffeb281a794958c661374fc8c418e21602356551
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 10 Oct 2020 19:02:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
language=en; expires=Sun, 10-Oct-2021 19:02:31 GMT; Max-Age=31536000; path=/; domain=messletters.com; SameSite=Strict
cf-cache-status
DYNAMIC
cf-request-id
05b57db98f00001f31ae09a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e0298a27df11f31-FRA
content-encoding
br

Redirect headers

status
302
date
Sat, 10 Oct 2020 19:02:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
location
https://www.messletters.com/en/
cf-cache-status
DYNAMIC
cf-request-id
05b57db93400001f31ae094200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e0298a1eca71f31-FRA
css
fonts.googleapis.com/ 		437 B
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ab974ecbea86bb7f98910529ee91abbf6a182aa647e04dd7032734955d8303d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Oct 2020 18:41:00 GMT
server
ESF
date
Sat, 10 Oct 2020 19:02:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Oct 2020 19:02:32 GMT
master.css
www.messletters.com/style/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/style/master.css?v=20.8.17.0
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127085a14ada8df4333c4b519061e0c8fdf5bffd000db0651a1d874c40526450

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6132
cf-polished
origSize=10664
status
200
cf-request-id
05b57db9fa00001f31ae0a0200000001
last-modified
Sun, 16 Aug 2020 19:25:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
5e0298a32f551f31-FRA
cf-bgj
minify
messletters.css
www.messletters.com/style/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/style/messletters.css?v=20.8.17.0
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c81978fdee951ac6ee8cc09702cdc9989efa92f99ca61c8ed242b35f9d20cad

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4066
cf-polished
origSize=3770
status
200
cf-request-id
05b57db9fb00001f31ae0a1200000001
last-modified
Mon, 22 Jun 2020 21:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
5e0298a32f581f31-FRA
cf-bgj
minify
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
253843
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26909
cf-request-id
05b57db9fa0000dff71d8be200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e0298a32ad4dff7-FRA
expires
Thu, 30 Sep 2021 19:02:32 GMT
scripts.js
www.messletters.com/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/scripts/scripts.js?v=20.8.17.0
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b8fbe141c6f3d89c08db19505e4cd0a56491f909e2ebb8ff7898347976c1d7

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6132
cf-polished
origSize=6422
status
200
cf-int-pingora-origin-digest
{"ext_ip":"162.158.90.76","ext_port":60880,"upstream_rtt":7,"upstream_reused":false,"cipher":"ECDHE-RSA-AES128-GCM-SHA256","tls_version":"TLSv1.2","cert_digest":"MchhMSK7DRdD6WCLu2fPfc+yOqOBCXmTe4joIuriLdk","http_version":1}
cf-request-id
05b57db9fb00001f31ae0a2200000001
last-modified
Tue, 14 Jul 2020 01:35:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
5e0298a32f5c1f31-FRA
cf-bgj
minify
jquery.autosize.min.js
www.messletters.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/scripts/jquery.autosize.min.js
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61c279f01260826e6179341edd2b90c159ba0601816f9675912ca1e6978dfa9

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Feb 2015 05:33:21 GMT
server
cloudflare
age
6132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5e0298a32f5e1f31-FRA
cf-request-id
05b57db9fb00001f31ae0a3200000001
aaw.msl.js
cdn.adapex.io/hb/ 		333 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.msl.js
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad33766c19b9357f2858aa75aa82e97b0998db5bd8fcb6473fc0cfe9da5080a

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
17324
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05b57dba340000177e4f96e200000001
last-modified
Tue, 06 Oct 2020 05:09:20 GMT
server
cloudflare
etag
W/"5f7bfc00-535c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
5e0298a38e70177e-FRA
expires
Sun, 11 Oct 2020 14:12:34 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5528752-2
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa015b6e1f9016ce8504b6e9b7e9d0f76bd7151969eb2bc731db23a9a675e8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37231
x-xss-protection
0
last-modified
Sat, 10 Oct 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Oct 2020 19:02:32 GMT
logo2020.png
www.messletters.com/images/other/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.messletters.com/images/other/logo2020.png
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0aa50065418b7d3ff8f353b83548a727ad4279acb74be33e6746a2dce6247b4

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
640
status
200
content-length
3359
cf-request-id
05b57dba1e00001f31ae0a7200000001
last-modified
Fri, 08 May 2020 21:13:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5e0298a36fc91f31-FRA
ticker.js
www.messletters.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/scripts/ticker.js
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa600f792190db61827b6fde8280cdcf34b9e81834708cd883c8c68dae45ee7b

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6132
cf-polished
origSize=3273
status
200
cf-request-id
05b57dba0d00001f31ae0a4200000001
last-modified
Mon, 16 Feb 2015 05:33:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
5e0298a34f901f31-FRA
cf-bgj
minify
messletters.js
www.messletters.com/scripts/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/scripts/messletters.js?v=20.8.17.0
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93d5ac72785c9c4dd7cc3a1d0ca8645e24a21859838c6afe1f6f7213e4e1fa22

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4066
cf-polished
origSize=53350
status
200
cf-request-id
05b57dba1100001f31ae0a5200000001
last-modified
Thu, 02 Jan 2020 15:20:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
5e0298a34f991f31-FRA
cf-bgj
minify
messletters_static.js
www.messletters.com/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.messletters.com/scripts/messletters_static.js?v=20.8.17.0
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dcf7b3f3acb5a98cb01e88291bd18cbbb55762cb06718034321d2fbad8a210a

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5083
cf-polished
origSize=6548
status
200
cf-request-id
05b57dba1e00001f31ae0a6200000001
last-modified
Tue, 14 Jul 2020 01:39:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
5e0298a36fc51f31-FRA
cf-bgj
minify
body.gif
www.messletters.com/images/backgrounds/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.messletters.com/images/backgrounds/body.gif
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/style/master.css?v=20.8.17.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe7ffc89e90235c3bfa72779ea3b1f9d8adb1f3d63d1b4920d158d15522fc6f

Request headers

Referer
https://www.messletters.com/style/master.css?v=20.8.17.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
95
status
200
content-length
1984
cf-request-id
05b57dba1f00001f31ae0a8200000001
last-modified
Mon, 16 Feb 2015 05:32:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5e0298a36fca1f31-FRA
icons.png
www.messletters.com/images/icons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.messletters.com/images/icons/icons.png
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/style/master.css?v=20.8.17.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b7997633e5c57b02a8f562e4b449fab121e3c992a390168c444aa3f5f56ac5

Request headers

Referer
https://www.messletters.com/style/master.css?v=20.8.17.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6132
status
200
content-length
12215
cf-request-id
05b57dba1f00001f31ae0a9200000001
last-modified
Sun, 17 May 2020 21:58:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5e0298a36fcb1f31-FRA
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.messletters.com
Referer
https://fonts.googleapis.com/css?family=Droid+Sans
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 05:28:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:00:07 GMT
server
sffe
age
221658
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11236
x-xss-protection
0
expires
Fri, 08 Oct 2021 05:28:14 GMT
icons.png
www.messletters.com/images/icons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.messletters.com/images/icons/icons.png?v=1
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/style/master.css?v=20.8.17.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b7997633e5c57b02a8f562e4b449fab121e3c992a390168c444aa3f5f56ac5

Request headers

Referer
https://www.messletters.com/style/master.css?v=20.8.17.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4276
status
200
content-length
12215
cf-request-id
05b57dba7b00001f31ae0b2200000001
last-modified
Sun, 17 May 2020 21:58:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5e0298a3f8fc1f31-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45810
x-xss-protection
0
server
cafe
etag
4194128766866836437
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Oct 2020 19:02:32 GMT
experimental12x12.png
www.messletters.com/images/icons/ 		423 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.messletters.com/images/icons/experimental12x12.png
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/style/messletters.css?v=20.8.17.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8397 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1798ea84be7911c616d75e58d979c0dfffa6cc177c33e31125bb2abdf34c0781

Request headers

Referer
https://www.messletters.com/style/messletters.css?v=20.8.17.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4276
status
200
content-length
423
cf-request-id
05b57dba7b00001f31ae0b3200000001
last-modified
Thu, 02 Aug 2018 07:35:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602356552"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
5e0298a3f8fe1f31-FRA
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5528752-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1734
date
Sat, 10 Oct 2020 18:33:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Sat, 10 Oct 2020 20:33:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
e53375a0e41bf353854054858aaaa26f6eeae9a94d4259347d7ea2441818da6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"659 / 902 of 1000 / last-modified: 1602281443"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17600
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:02:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		109 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-180.vie50.r.cloudfront.net
Software
Server /
Resource Hash
5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 18:11:14 GMT
content-encoding
gzip
server
Server
age
3077
etag
0ef1f140246b7e0337b522d7332711d3
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
9upqTxlZffHNkorIbil0ItHCJlyYktYhRjSj-MRJjtVvi8T-eYPDqQ==
via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
xbpXgroBoa4
www.youtube.com/embed/ Frame E022 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/xbpXgroBoa4
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/xbpXgroBoa4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
cache-control
no-cache
x-content-type-options
nosniff
content-length
10893
date
Sat, 10 Oct 2020 19:02:32 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=px69ZXGBung; path=/; domain=.youtube.com; secure; expires=Thu, 08-Apr-2021 19:02:32 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=px69ZXGBung; path=/; domain=.youtube.com; secure; expires=Thu, 08-Apr-2021 19:02:32 GMT; httponly; samesite=None YSC=STXFIQb9f0U; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 10-Oct-2020 19:32:32 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ 		230 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88664
x-xss-protection
0
server
cafe
etag
2239360983930794775
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Oct 2020 19:02:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame BE14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201007/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 10 Oct 2020 17:34:09 GMT
expires
Sat, 24 Oct 2020 17:34:09 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
5303
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1968068476&t=pageview&_s=1&dl=https%3A%2F%2Fwww.messletters.com%2Fen%2F&ul=en-us&de=UTF-8&dt=Messletters%20%E2%80%A2%20Fancy%20Font%20Generator%20%F0%9F%98%8D%20Stylish%20Text%2C%20Emoji%20and%20Symbols!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=616601545&gjid=1934999109&cid=1893487101.1602356553&tid=UA-5528752-2&_gid=1004188550.1602356553&_r=1&gtm=2ou9u1&z=660920879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.messletters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2020100601.js
securepubads.g.doubleclick.net/gpt/ 		271 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
d30402b6c051753a27998a64e310201b9ffa7aa6688afb8ce936f349f257180e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 08:39:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97495
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:02:32 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.messletters.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.messletters.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 80B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4132365654550768&output=html&h=17&slotname=6655932530&adk=2645547253&adf=3876757048&w=583&fwrn=4&lmt=1602356552&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=583x17_0ads_al&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&flash=0&hl=EN&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552579&bpp=25&bdt=399&idt=107&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5611203738838&frm=20&pv=2&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=2285644527&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=529&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gyBl2v4wz8&p=https%3A//www.messletters.com&dtd=126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4132365654550768&output=html&h=17&slotname=6655932530&adk=2645547253&adf=3876757048&w=583&fwrn=4&lmt=1602356552&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=583x17_0ads_al&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&flash=0&hl=EN&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552579&bpp=25&bdt=399&idt=107&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5611203738838&frm=20&pv=2&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=2285644527&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=529&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gyBl2v4wz8&p=https%3A//www.messletters.com&dtd=126
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 10 Oct 2020 19:02:32 GMT
server
cafe
content-length
5686
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 10-Oct-2020 19:17:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Oct 2020 19:02:32 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602243746703548"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:02:32 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.messletters.com%2F&domain=www.messletters.com&cw=1
  • https://mug.criteo.com/sid?cpp=n4OG-3xuU0ErS0UxVTg0U1RBM1VGSjQ4TXY5UEVJWXNIR3pyVUlwaGJoakxiUkJkcGhrOHFucWZ5TWZMbWdHODlYdEdZcFAxS3phZlhOdHRWR0lOVnU3QjlpcmUrc1VaQUhhNXV4ZnBsK2VXcFpybWhocWZFUkxPSWV2SX...
342 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=n4OG-3xuU0ErS0UxVTg0U1RBM1VGSjQ4TXY5UEVJWXNIR3pyVUlwaGJoakxiUkJkcGhrOHFucWZ5TWZMbWdHODlYdEdZcFAxS3phZlhOdHRWR0lOVnU3QjlpcmUrc1VaQUhhNXV4ZnBsK2VXcFpybWhocWZFUkxPSWV2SXpkZTZMNGhiNlNUZk1QOTRzKzRONWVrcjBpU0hrbkRZdVRyVXBLa1pmWVBoVGhDdEVhWUdjaUhjU05RbVJjU2pDWW1tS0dQeElZTE01ME9NYVVVQlRGUkhpUmlqS3hqdFRTSVlpMHdWSjNKelNkT1BTNUJrPXw&cppv=2
Requested by
Host: www.messletters.com
URL: https://www.messletters.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3483958327260f53e180e8576e6e114d37f9592d09ee93a2404e6f0c633983e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 10 Oct 2020 19:02:32 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1185
content-length
342
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Sat, 10 Oct 2020 19:02:31 GMT
location
https://mug.criteo.com/sid?cpp=n4OG-3xuU0ErS0UxVTg0U1RBM1VGSjQ4TXY5UEVJWXNIR3pyVUlwaGJoakxiUkJkcGhrOHFucWZ5TWZMbWdHODlYdEdZcFAxS3phZlhOdHRWR0lOVnU3QjlpcmUrc1VaQUhhNXV4ZnBsK2VXcFpybWhocWZFUkxPSWV2SXpkZTZMNGhiNlNUZk1QOTRzKzRONWVrcjBpU0hrbkRZdVRyVXBLa1pmWVBoVGhDdEVhWUdjaUhjU05RbVJjU2pDWW1tS0dQeElZTE01ME9NYVVVQlRGUkhpUmlqS3hqdFRTSVlpMHdWSjNKelNkT1BTNUJrPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.messletters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
990
content-length
482
expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		323 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
7225362559924ba66073876d2a26bd6be97694147e77764d9179d06b7d706fe9

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Oct 2020 19:02:32 GMT
Content-Encoding
gzip
Server
nginx/1.13.10
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.messletters.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
v1
dmx.districtm.io/b/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
cf-ray
5e0298a77f1ffa3c-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
05b57dbcae0000fa3cab399200000001
arj
digikulture-d.openx.net/w/1.0/ 		174 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.messletters.com%2Fen%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=df3e8097-c650-4a9e-8cb5-ccca4cb17670%2Ce1728c92-7060-4175-afb4-87dc41ff5a32%2Cfaed209e-ce61-49e9-b1c0-04f0ab3430d8%2C60032ec1-233a-4804-9fb0-63da534e27d8&nocache=1602356552748&pubcid=fb48d0f2-ab6d-4a6c-981e-108ddd8593b2&schain=1.0%2C1!adapex.io%2Cs313%2C1%2C%2C%2C&aus=160x600%2C120x600%7C160x600%2C120x600%7C728x90%2C468x60%2C728x250%7C728x90%2C468x60%2C728x250%2C420x350&divIds=67e073da-f887-43e4-87aa-de0513ee24ac%2C2e18f4a6-1933-4c79-8577-26bcb1abf417%2C75e831fe-7526-4afc-bc8a-c4d4ee12bc2e%2C83a0b459-7ce7-49b7-ba7e-96e9ec47ac60&auid=541062178%2C541062179%2C541062171%2C541062182&aumfs=10%2C10%2C10%2C10
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.194.0 /
Resource Hash
874f2de8e3aedbf21242ffe508c4c53b737ab8db7f77943a7df70ca2eccb59d0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
server
OXGW/16.194.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.messletters.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.9.0&p=%5B%7B%22placement_id%22%3A%2267e073da-f887-43e4-87aa-de0513ee24ac%22%2C%22callback_id%22%3A%224702af45a3aea2f%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222366066649758376164%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%222e18f4a6-1933-4c79-8577-26bcb1abf417%22%2C%22callback_id%22%3A%2248d54250d9bd9ed%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222366066649859039461%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%2275e831fe-7526-4afc-bc8a-c4d4ee12bc2e%22%2C%22callback_id%22%3A%2249b1c984cc49f4e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B728%2C250%5D%5D%2C%22ym_placement_id%22%3A%222366066649959702758%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%2283a0b459-7ce7-49b7-ba7e-96e9ec47ac60%22%2C%22callback_id%22%3A%225016c77ce499353%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B728%2C250%5D%2C%5B420%2C350%5D%5D%2C%22ym_placement_id%22%3A%222366066650060366055%22%2C%22bidFloor%22%3A0.01%7D%5D&page_url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&bust=1602356552749&pr=https%3A%2F%2Fwww.messletters.com%2Fen%2F&scrd=1&dnt=false&description=Create%20cool%20stylish%20text%20to%20copy%20and%20paste%20with%20our%20Fancy%20Font%20Generator%20(%20%CB%98%20%C2%B3%CB%98)%F0%9F%92%95%F0%9F%92%AF%20Use%20it%20on%20Instagram%2C%20Facebook%2C%20Whatsapp%20or%20wherever%20you%20like!&title=Messletters%20%E2%80%A2%20Fancy%20Font%20Generator%20%F0%9F%98%8D%20Stylish%20Text%2C%20Emoji%20and%20Symbols!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=fb48d0f2-ab6d-4a6c-981e-108ddd8593b2&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s313%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.44.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-44-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
status
204
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 10 Oct 2020 19:02:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.messletters.com
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Oct 2020 19:02:32 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid
78d47a05-f5a0-451e-9732-9816ddbb567d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.messletters.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=435080&v=7.2&r=%7B%22id%22%3A%2261485409f118f45%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2262f74ba7aa9b0e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435080%22%2C%22sid%22%3A%22160x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22638634427257673%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435080%22%2C%22sid%22%3A%22120x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22647bccf015665aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435081%22%2C%22sid%22%3A%22160x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22656eef6d262f434%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435081%22%2C%22sid%22%3A%22120x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226644df58a3f99e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435075%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226724fb461d96cd2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435075%22%2C%22sid%22%3A%22468x60%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22683e5786bce7503%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435075%22%2C%22sid%22%3A%22728x250%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2269d910cd877800f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435082%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227093d822e93e348%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435082%22%2C%22sid%22%3A%22468x60%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2271b5d51ffe3baba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435082%22%2C%22sid%22%3A%22728x250%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227290ae4d6d46c6a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435082%22%2C%22sid%22%3A%22420x350%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A420%2C%22h%22%3A350%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.messletters.com%2Fen%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s313%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4ab01eef961784723f60b1bdd4b4894c53aaa7338013890032cb01e19096c4a

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
server
Apache
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.messletters.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
expires
Sat, 10 Oct 2020 19:02:33 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Oct 2020 19:02:32 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid
352192bd-9ff6-460a-972b-3e19f8ea2658
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.messletters.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		390 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
31bbbecce5fe1df8faab0019d4e29d25da2fb4391138b0f51ebea815a2811964

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.messletters.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
390
expires
0
ADTECH;apid=1A26eba3f4-0b2b-11eb-b7e5-1234a9bcb81c;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;apid=1A26eba3f4-0b2b-11eb-b7e5-1234a9bcb81c;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=16...
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;apid=1A26eba3f4-0b2b-11eb-b7e5-1234a9bcb81c;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
2760654e9b6c7c79028bc0fd007d679e0ce09fbeaf9fb187537b58de0a63029c

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:33 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.messletters.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
1469
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5165520/0/0/ADTECH;apid=1A26eba3f4-0b2b-11eb-b7e5-1234a9bcb81c;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=916765c6a1b4746;misc=1602356552778;bidfloor=0.01
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.messletters.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A26ee6544-0b2b-11eb-8cde-12121b825df6;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;apid=1A26ee6544-0b2b-11eb-8cde-12121b825df6;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=16...
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;apid=1A26ee6544-0b2b-11eb-8cde-12121b825df6;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
7864efc98a416143e7029e5430c21b87fa5453e743eade49b7432915d0b66049

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:33 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.messletters.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json
content-length
1469
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:32 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5171042/0/0/ADTECH;apid=1A26ee6544-0b2b-11eb-8cde-12121b825df6;cfp=1;rndc=1602356552;v=2;cmd=bid;cors=yes;alias=929f2b6bce7fffc;misc=1602356552779;bidfloor=0.01
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.messletters.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cB47sACfCr6OodaKlId8sQ
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
ffaf7fc2a676784fb10652495e6114ea4205c2820f7ea6df6584e61d7714c7fc

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cE47HMCfCr6OodaKlId8sQ
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
2d1e7f3331c8b78b435887f499fad289833a6c973f97c5227cbb5cddb26883c5

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=czHoQeCfCr6OodaKlId8sQ
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
9733ae4071bdff63aebc5a42c720af3b2700a58714aa2646c64d97e8d3f17dd7

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cHA0wKCfCr6OodaKlId8sQ
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.msl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
452db5003531e902c281a43cd8a2ac31522a44c19405526c00c6a7dae4808eda

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
ads
googleads.g.doubleclick.net/pagead/ Frame 971C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4132365654550768&output=html&adk=1812271804&adf=3025194257&lmt=1602356552&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552635&bpp=3&bdt=454&idt=148&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=583x17_0ads_al&nras=1&correlator=5611203738838&frm=20&pv=1&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=10875579119&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4132365654550768&output=html&adk=1812271804&adf=3025194257&lmt=1602356552&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602356552635&bpp=3&bdt=454&idt=148&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=583x17_0ads_al&nras=1&correlator=5611203738838&frm=20&pv=1&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&ga_fc=0&iag=0&icsg=10875579119&dssz=31&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2705965136233449&pem=429&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 10 Oct 2020 19:02:32 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
IDE=AHWqTUlYCrAlGM_Tk1W5YJ7uY5D0rkRaDNQWK2UcrIRYLm12Ft-yaLzN0PdV9EKA; expires=Thu, 04-Nov-2021 19:02:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 10 Oct 2020 19:02:32 GMT
cache-control
private
bid
c.amazon-adsystem.com/e/dtb/ 		109 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.messletters.com%2Fen%2F&pid=8pWbhnxc8nYNV&cb=0&ws=1600x1200&v=7.55.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F232881841%2FMSL_160v_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F232881841%2FMSL_160v_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F232881841%2FMSL_728v_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%2C%22728x250%22%2C%22420x350%22%5D%2C%22sn%22%3A%22%2F232881841%2FMSL_728v_2%22%7D%5D&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-180.vie50.r.cloudfront.net
Software
Server /
Resource Hash
2545252f365850b27d3b17f831705aacc022c37cdf2273f7b5cbb32ca084bdc4

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
VIE50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.messletters.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
121
via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
x-amz-cf-id
KaC4vVr_bCt26tJXpH0JmUBLGVzK04DWKraXZFbOZjVyq7qqiNuq0g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.180 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-180.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 20:36:10 GMT
content-encoding
gzip
vary
Origin
age
80784
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
zhoNHLN57hWOip9kwPqwGUxWAsWbOSgJcMcDHeG-fbxuZkwhMhxYlA==
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaab330c906c7acfe1814e6204a3010e05a0e94f09aeca10baa64ac0fea9c42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Oct 2020 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6625
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Sat, 10 Oct 2020 19:02:33 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame CA44
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.messletters.com/en/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4l40CWplkG9gpca1_M27Ac|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

Server
Server
Date
Sat, 10 Oct 2020 19:02:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
186
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A4l40CWplkG9gpca1_M27Ac; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:02:33 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jan-2026 19:02:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sat, 10 Oct 2020 19:02:33 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv&dcc=t
Set-Cookie
ad-id=A4l40CWplkG9gpca1_M27Ac|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:02:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 016D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sat, 10 Oct 2020 18:36:47 GMT
expires
Sun, 10 Oct 2021 18:36:47 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1546
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201007&jk=2705965136233449&bg=!9vWl9dXNAAWqWepuqlhM9w1HumyfgAIAAABVUgAAAAsKAIc7-C1RY9narJeOP6KAD2tym0bPkWrfaclEduFo6hYI08qBjMqM3xCkwJNsgJLCx8yYwsMyN8LGgN81WQIKmbMXuKKM5FM1P0AdLzvYN34U7DjeugHuaNNOdqMueTPICLC3L0hpKz-fgT22QdFfwk6WIsToYwAsXZC9Z-NSMRuxnAcyG5PiSxCZAaz0lCt_IJlc-UjwiQzjJh-4NiZYZuZxPKkJqj84oirxBge8NLbd7fvxHl9SGn1kpp0AxYvXgm5bR8jKaJpBWpfD93SFYpLTsVSjLYkYlpE-sUXx-GjbhrUhb0wsdVdX934DbjOzjlHSyWr0uGaPr8K9RLHzPC-fqiQ8_JndwYbGeJne4Zr8nuMAlMwgGOT5SBS0Xt9acN4Th3tw3n_lQ6IA2Droc8kRA4PC_kpgO8cyzRUIC283qzmQ0oXukHxR6OvC0j5xh0e6ULh4XnGRhsoz6QpqsO5NP107jnNgSEQxVgVm2yhPQmPzGxfJDrVz61VOvDQN85iEoZD9IowOd85aCTe36F1c_VOZDafUd3vjG9oU2GT-sm97FESXuDgPdCP5GWf6GC-iktX-XNaYXsFzjlC8G_giP48JUJYqNj3BrqQniMmAw9YszKDpUbk122GsgcvNPeSkdyddNWuBTsVkqUcTahYHwQwzV5ItXo5WDeoFk4HduszzyX_JlAGrUqUN_XvYIewbioAqQPdW9GcZ32pXeL0ffaxzK9FJLxuDKg2J4Cb3MPWYUsrRGQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Oct 2020 19:02:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2705965136233449&correlator=182400343997667&output=ldjh&impl=fifs&adsid=NT&vrg=2020100601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201010&iu_parts=232881841%2CMSL_160v_1%2CMSL_160v_2%2CMSL_728v_1%2CMSL_728v_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=160x600%7C120x600%2C160x600%7C120x600%2C728x90%7C468x60%7C728x250%2C728x90%7C468x60%7C728x250%7C420x350&prev_scp=refreshIteration%3D0%26refresh_count%3D0%26pbglobal%3Daaw%26amznbid%3D2%26amznp%3D2%26bidDensity%3D0%26tif%3Dtrue%7CrefreshIteration%3D0%26refresh_count%3D0%26pbglobal%3Daaw%26amznbid%3D2%26amznp%3D2%26bidDensity%3D0%26tif%3Dtrue%7CrefreshIteration%3D0%26refresh_count%3D0%26pbglobal%3Daaw%26amznbid%3D2%26amznp%3D2%26bidDensity%3D0%26tif%3Dtrue%7CrefreshIteration%3D0%26refresh_count%3D0%26pbglobal%3Daaw%26amznbid%3D2%26amznp%3D2%26bidDensity%3D0%26tif%3Dtrue&cust_params=wrapversion%3D3%26gpt_l%3D400%26wrap_l%3D500%26gads%3Dfalse%26browserLangCode%3DEN-US%26sesDepth%3D1%26referrer%3D_none%26tcf_s%3Dtcnotfound%26tcf_gdpr%3Dfalse%26hban_auctionInit%3D300%26hban_auctionEnd%3D500&cookie_enabled=1&bc=31&abxe=1&lmt=1602356553&dt=1602356553233&dlt=1602356552181&idt=661&frm=20&biw=1600&bih=1200&oid=3&adxs=341%2C341%2C521%2C521&adys=574%2C2058%2C216%2C1375&adks=415504293%2C1280837720%2C1980022602%2C3965883599&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.messletters.com%2Fen%2F&dssz=31&icsg=10875579119&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x610%7C170x610%7C738x100%7C728x90&msz=160x600%7C160x600%7C728x90%7C728x90&ga_vid=1893487101.1602356553&ga_sid=1602356553&ga_hid=1968068476&fws=4%2C516%2C4%2C4&ohw=160%2C160%2C728%2C728&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
3fc81ba40cd5f08ad3212c26f912c7ae7d4fd8eb78dfbe05230b80d202403d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 19:02:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6779
x-xss-protection
0
google-lineitem-id
-2,-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.messletters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.messletters.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 77F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sat, 10 Oct 2020 19:02:33 GMT
expires
Sun, 10 Oct 2021 19:02:33 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7213 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.messletters.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.messletters.com/en/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sat, 10 Oct 2020 19:02:33 GMT
expires
Sun, 10 Oct 2021 19:02:33 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| detectWidth function| highlightElementSelection function| copyToClipboard function| strtr function| selectText function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| apstag function| docReady object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| experimental object| mess_index object| arrayReplace string| stickyWidth object| topButton object| stickyBottom number| headerHeight number| initContentPadding function| getNewMeasurements boolean| loaded boolean| processed object| stickyActivator function| startSticky boolean| sw object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| apstagLOADED object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlYCrAlGM_Tk1W5YJ7uY5D0rkRaDNQWK2UcrIRYLm12Ft-yaLzN0PdV9EKA
.messletters.com/ Name: _pubcid
Value: fb48d0f2-ab6d-4a6c-981e-108ddd8593b2
www.messletters.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: px69ZXGBung
.messletters.com/ Name: _gat_gtag_UA_5528752_2
Value: 1
.messletters.com/ Name: _ga
Value: GA1.2.1893487101.1602356553
www.messletters.com/ Name: _uc_referrer
Value: direct
.youtube.com/ Name: YSC
Value: STXFIQb9f0U
www.messletters.com/ Name: _aaw_sesdepth
Value: 1
.messletters.com/ Name: _gid
Value: GA1.2.1004188550.1602356553
.messletters.com/ Name: language
Value: en
.messletters.com/ Name: __cfduid
Value: db9ffeb281a794958c661374fc8c418e21602356551

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7db367db8dd7f6e550bbdfb4751f9348.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
cdn.adapex.io
cdnjs.cloudflare.com
digikulture-d.openx.net
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
messletters.com
mug.criteo.com
pagead2.googlesyndication.com
prebid.adnxs.com
securepubads.g.doubleclick.net
ssc.33across.com
tpc.googlesyndication.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.messletters.com
www.youtube.com
104.111.215.135
104.16.68.69
172.217.23.162
178.250.0.157
185.64.189.112
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3030::681c:1ae7
2606:4700:3030::681c:3a
2606:4700:3037::ac43:8397
2606:4700::6811:4f6b
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2001
2a00:1450:4001:819::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2002
2a02:2638::1c
2a02:fa8:8806:13::1460
35.244.159.8
37.252.161.190
37.252.173.38
52.95.118.60
63.35.44.167
67.202.110.21
99.86.240.180
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
127085a14ada8df4333c4b519061e0c8fdf5bffd000db0651a1d874c40526450
1798ea84be7911c616d75e58d979c0dfffa6cc177c33e31125bb2abdf34c0781
2545252f365850b27d3b17f831705aacc022c37cdf2273f7b5cbb32ca084bdc4
2760654e9b6c7c79028bc0fd007d679e0ce09fbeaf9fb187537b58de0a63029c
2d1e7f3331c8b78b435887f499fad289833a6c973f97c5227cbb5cddb26883c5
31bbbecce5fe1df8faab0019d4e29d25da2fb4391138b0f51ebea815a2811964
3483958327260f53e180e8576e6e114d37f9592d09ee93a2404e6f0c633983e7
3ad33766c19b9357f2858aa75aa82e97b0998db5bd8fcb6473fc0cfe9da5080a
3fc81ba40cd5f08ad3212c26f912c7ae7d4fd8eb78dfbe05230b80d202403d90
41b8fbe141c6f3d89c08db19505e4cd0a56491f909e2ebb8ff7898347976c1d7
452db5003531e902c281a43cd8a2ac31522a44c19405526c00c6a7dae4808eda
4dcf7b3f3acb5a98cb01e88291bd18cbbb55762cb06718034321d2fbad8a210a
5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7225362559924ba66073876d2a26bd6be97694147e77764d9179d06b7d706fe9
7864efc98a416143e7029e5430c21b87fa5453e743eade49b7432915d0b66049
7c81978fdee951ac6ee8cc09702cdc9989efa92f99ca61c8ed242b35f9d20cad
874f2de8e3aedbf21242ffe508c4c53b737ab8db7f77943a7df70ca2eccb59d0
93d5ac72785c9c4dd7cc3a1d0ca8645e24a21859838c6afe1f6f7213e4e1fa22
9733ae4071bdff63aebc5a42c720af3b2700a58714aa2646c64d97e8d3f17dd7
9ab974ecbea86bb7f98910529ee91abbf6a182aa647e04dd7032734955d8303d
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a0aa50065418b7d3ff8f353b83548a727ad4279acb74be33e6746a2dce6247b4
aaab330c906c7acfe1814e6204a3010e05a0e94f09aeca10baa64ac0fea9c42e
bfe7ffc89e90235c3bfa72779ea3b1f9d8adb1f3d63d1b4920d158d15522fc6f
c275c6563c59538e0c313b0376ca417af5d5c51f1c038357f21de08c4b2e3229
c4ab01eef961784723f60b1bdd4b4894c53aaa7338013890032cb01e19096c4a
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
d1b7997633e5c57b02a8f562e4b449fab121e3c992a390168c444aa3f5f56ac5
d30402b6c051753a27998a64e310201b9ffa7aa6688afb8ce936f349f257180e
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53375a0e41bf353854054858aaaa26f6eeae9a94d4259347d7ea2441818da6a
e61c279f01260826e6179341edd2b90c159ba0601816f9675912ca1e6978dfa9
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
fa015b6e1f9016ce8504b6e9b7e9d0f76bd7151969eb2bc731db23a9a675e8ec
fa600f792190db61827b6fde8280cdcf34b9e81834708cd883c8c68dae45ee7b
ffaf7fc2a676784fb10652495e6114ea4205c2820f7ea6df6584e61d7714c7fc